WTF?
This twat ripped off more than half a million and only gets a year in the big house and made to pay a third of it back? Which judge's or politician's son did you say he was again?
New York City's Department of Education was defrauded out of more than $644,000 by hackers who targeted an electronic bank account used to manage petty cash expenditures, investigators said. The DOE's small item payment process account at JPMorgan Chase was supposed to be limited to purchases of less than $500, but an oversight …
Because DOE officials failed to block the use of electronic transfers, the account was wide open. All that was required what the account number and the bank routing number.
So... if I have a check from the DoE (acct. no. and routing no.), the default security is to allow me unlimited acces to your money.
At first take, the failure of a public body to reconcile a bank account for three years seems almost unbelievable. But then the EU Court of Auditors has refused to sign off the EU accounts for the past fifteen years, and found accounting errors in two-thirds of the euro 105 billion budget.
http://www.civitas.org.uk/eufacts/FSINST/IN6.htm
Not familiar with the case but from this article it appears that he wasn't so much engaged directly in the thefts / frauds than telling people how to; much like, "give us £50 and I'll tell you where there's a cash-point that pays out on a Tesco Clubcard".
Any apparent leniency of the sentence probably reflects his actual part in the crime. Is that wrong ?
"Any apparent leniency of the sentence probably reflects his actual part in the crime. Is that wrong ?"
Damn skippy there is! The enabler should get worse than the crooks that took, and the crooks that took should be paying three times what they took plus compounded interest. But that's not the end of what is wrong here. The so-called accounting department should be doing the perp-walk in front of the enabler. They're the ones who are *supposed* to be the ones watching out for the enablers and the thieves.
The account was opened before EFT existed. To me this looks more like an oversight on Chase's side rather than a DOE snafu.
Is there a reason no one else is getting jailed? It seems heaps of comptrollers, CEO's and other folk also had a role in this. Why would Chase enable EFT on an account that is limited to 500 $ withdrawals and not enforce such a limit on that?
more like "inside job" or "hackers exploited the hole before we did". These guys can nail a fraudulent transaction in seconds if they choose to-so to find this supposed unobserved exploit stinks of "blaming someone else" and claiming "innocent mistake".
Someone deliberately left the account misconfigured so they could exploit it to lesser levels, and are "outraged" that someone raided the cookie jar before they did.