My initial thought on this is that it's possible that the culprit may have 
another means of access to the application that does not require 2 factor. 
For example, it's possible that externally facing systems for the financial 
institution require MFA, but internally they do not. So if the hacker got 
the credentials, and had some form of internal access, they may not have 
needed the second factor. I have seen this at more than a few places, not 
necessarily financial. Just a theory.



Christopher Bodnar 
Enterprise Architect I, Corporate Office of Technology:Enterprise 
Architecture and Engineering Services 
Tel 610-807-6459 
3900 Burgess Place, Bethlehem, PA 18017 
[email protected] 




The Guardian Life Insurance Company of America

www.guardianlife.com 







From:   James Hill <[email protected]>
To:     "[email protected]" <[email protected]>
Date:   09/26/2013 03:27 AM
Subject:        [NTSysADM] Bank funds stolen without access to rsa token, 
anyone heard of that?
Sent by:        [email protected]



I’ve recently been in discussion with someone who has had money stolen 
from their bank account.  I have seen examples of this in the past when 
the only authentication in place was a password.  But in this case they 
had two factor authentication.  A password and an RSA token.
 
They had funds transferred to an overseas bank account.  For this to occur 
it would normally require logging on to the internet banking system with 
the password and token code.  Then enter the external transfer area, enter 
the details then enter in the current token code.
 
Has anyone ever heard of this occurring?
 
James.

