A new court ruling won’t provide any relief for businesses that have had financial data stolen by hackers.
Maine-based Patco Construction Company recently sued Ocean Bank after discovering cybercriminals had been siphoning money from its account. After Patco found that nearly $600,000 had been transferred out of the account, Ocean was able to block $243,000 worth of the transfers — but Patco was still on the hook for $345,000.
Apparently, hackers used phishing emails to get Patco’s banking credentials from employees.
Patco’s lawsuit claimed that Ocean should have noticed the suspicious activity and blocked the transfers. The company also claimed the bank failed to follow best security practices, such as requiring customers to use multi-factor authentication, Wired reports.
Though a judge acknowledged that Ocean didn’t have the most secure banking system out there, he ruled that the law didn’t require banks to use the “best” security practices and that Ocean made clear the level of security it was going to provide.
Ultimately, the judge claimed, Patco was responsible for the breach because it failed to secure its log-in credentials.