Security & Fraud

Bank of Montreal, CIBC Announce Cyberattacks


Bank of Montreal and Canadian Imperial Bank of Commerce (CIBC) announced Monday (May 28) that hackers stole data on close to 90,000 customers.

According to a report in Reuters, Bank of Montreal said it was contacted by hackers who claimed to have personal and financial data on its customers the bank thinks it’s less than 50,000 of its 8 million customers. The spokesman wouldn’t tell Reuters if customers’ money was stolen in the hack, but did say that the hackers said they would make the data public. The bank is working with authorities and has launched an investigation.

Reuters noted that the Bank of Montreal thinks the attack happened from outside the country and is confident it has shut off the exposure that led to the data breach. Meanwhile, CIBC said fraudsters also contacted it, claiming to have stolen personal and account information on 40,000 customers. Both banks said they have notified customers and urged them to monitor their credit reports.

With hacks on financial firms increasing, banks are taking a military approach to their online security. According to a report in The New York Times, Matthew Nyman, senior director at Mastercard, said, “This is not that different from terrorists and drug cartels. Fundamentally, threat networks operate in similar ways.”

As cybercrime is one of the world’s fastest-growing issues — with at least $445 billion lost last year — it makes sense that banks and payment companies are treating the threat like a war. Nyman oversees Mastercard’s new Fusion Center, a term that comes from the Department of Homeland Security, which set up fusion centers to coordinate federal, state and local intelligence-gathering after the attacks of September 11.

Now, at least a dozen fusion centers have been created at major financial institutions like Citigroup and Wells Fargo, as well as regional banks, such as Bank of the West. In addition, Fifth Third Bank is building a fusion center in its Cincinnati headquarters, and Visa  which created its first two years ago in Virginia  is developing two more in Britain and Singapore.

Fighting off cyber threats has become priority-one for banks, with Visa’s CEO Alfred F. Kelly Jr. telling investors that he is “completely paranoid” about it. And Bank of America’s CEO Brian T. Moynihan said his cybersecurity team is “the only place in the company that doesn’t have a budget constraint.”



The PYMNTS Cross-Border Merchant Friction Index analyzes the key friction points experienced by consumers browsing, shopping and paying for purchases on international eCommerce sites. PYMNTS examined the checkout processes of 266 B2B and B2C eCommerce sites across 12 industries and operating from locations across Europe and the United States to provide a comprehensive overview of their checkout offerings.