I recently received a copy of a CEO’s description of a fraud/robbery event at the credit union.
The CEO’s summary was sent to all employees for two reasons:
- To fully serve and assure any members whose accounts might have been affected by the event.
- To convert the incident to a learning experience for the entire staff.
Here’s why the CEO believes full transparency matters:
“Whenever we take a loss I consider it a tuition payment. The least we can do is become smarter as a result of making that payment. We’ve already taken all actions to mitigate/manage the risk. Hopefully others can become smarter as well.”
In that spirit, here is his summary description of this very well-planned theft used with permission.
ITM Defalcation
Everyone should be up to date on the robbery that occurred in early March . Perpetrators placed skimmers on two of our ITMs in mid-February and removed them just over a week later. They captured the magnetic stripe data of all cards used during that timeframe, re-encoded vanilla gift cards and drained our ITM’s on a Sunday morning in mid March.
All affected member accounts were immediately made whole, and all cards were blocked and re-issued. We identified all member cards that were compromised and are almost through the process of blocking and re-issuing all of them.
The Secret Service and FBI joined local law enforcement and we are assisting their efforts as much as we can. A bond claim is being filed so we remain uncertain as to what net loss we’ll incur.
What’s Important
Several configuration and procedural changes were implemented immediately, a few more in the days that followed, with still other changes under consideration. What’s important is that no credit union system was compromised at all, we know exactly how the perpetrators did what they did, and are actively taking steps to mitigate any future loss exposure. The perpetrators did not obtain any personal identifiable information (PII) such as name, address, account number, social security number, driver’s license number, etc.
Rapid action was taken to both replace any funds taken from member accounts and to prevent a repeat of this in the future. Everyone in the financial centers and contact center did a great job interacting with impacting members.
Everyone a Risk Manager
The incident was not a “local” gang. This theft was perpetrated by professional thieves who move quickly from state to state. Collaboration is a credit union advantage especially when a CEO is shares his “learning experiences” with his peers. Thank you.