As the world becomes increasingly digital, it’s important to be aware of the potential risks associated with online banking. Recently, a major bank announced that a security breach had occurred, potentially putting 220,000 customers’ accounts at risk. This is a serious issue, and it’s important for customers to take steps to protect their accounts and personal information.
The first step is to take a look at your bank account and make sure there are no suspicious transactions. If you notice any unauthorized activity, contact your bank immediately. It’s also important to change your passwords and security questions regularly. This will help protect your account from potential hackers.
Another important step is to use two-factor authentication whenever possible. This means that you’ll need to enter a code sent to your phone or email address in addition to your password in order to access your account. This extra layer of security can help protect your account from unauthorized access.
Finally, it’s important to be aware of phishing scams. These are emails or messages that appear to be from your bank, but are actually from scammers trying to get your personal information. Be sure to never click on links or enter your information in response to these messages.
By taking these steps, you can help protect your bank account from potential breaches. It’s also important to stay informed about the latest security threats and to be aware of any new security measures your bank may be implementing. By following these tips, you can help ensure that your account remains safe and secure.
9 thoughts on “Developing an Operational Security Plan to Protect $220,000 from a Possible Bank Account Breach”
Congratulations on your first post in r/opsec! OPSEC is a mindset and thought process, not a single solution — meaning, when asking a question it’s a good idea to word it in a way that allows others to teach you the mindset rather than a single solution.
Here’s an example of a bad question that is far too vague to explain the threat model first:
> I want to stay safe on the internet. Which browser should I use?
Here’s an example of a good question that explains the threat model without giving too much private information:
> I don’t want to have anyone find my home address on the internet while I use it. Will using a particular browser help me?
Here’s a bad answer (it depends on trusting that user entirely and doesn’t help you learn anything on your own) that you should report immediately:
> You should use X browser because it is the most secure.
Here’s a good answer to explains why it’s good for your specific threat model and also teaches the mindset of OPSEC:
> Y browser has a function that warns you from accidentally sharing your home address on forms, but ultimately this is up to you to control by being vigilant and no single tool or solution will ever be a silver bullet for security. If you follow this, technically you can use any browser!
If you see anyone offering advice that doesn’t feel like it is giving you the tools to make your *own* decisions and rather pushing you to a specific tool as a solution, feel free to report them. Giving advice in the form of a “silver bullet solution” is a bannable offense.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/opsec) if you have any questions or concerns.*
Call their fraud department and get your Acc temporarily locked. they will have logs including device fingerprints.
Firefox 59 is one of the firefox versions used in a version of FraudFox so i would be worried.
>I’m guessing that they compromised the password thru public wifi
that doesnt work anymore.
it may be an overreaction but ive done a full sweep before for less.
Open a completely new account at a different bank and transfer the money yourself for peace of mind.
Spyware or a password leak from some service linked to your bank (or the bank itself) seems most likely. You mentioned plaid/mint, are you using any of those services?
For public wifi unless your bank is using HTTP for some crazy reason, I doubt that’s where anything happened.
You should be good unless they are on Reddit.
Contact the bank? I wouldn’t do anything until the banks knows about it
It’s probably a caching issue on their web server and you were seeing someone else’s data.
Have the bank disable features like Zelle and block online wire transfers so that you have to request wires in person.
No 2FA for bank account access?
Depending on what has happened here, the attacker (if there is one) would have been able to gather quite a bit of information about you (DOB, full name, address, places visited, spending habits etc.), and if you are worth targeting as an individual (high profile, govt employee, politician etc) then you may have to consider some major changes (move address, change banks, start shopping at different places, stop visiting you favourite coffee venue).