Another POND - DBS' Karen Ngui says skimming incidents were not a breach of security!

Confuseous

Alfrescian (Inf)
Asset
Joined
Dec 30, 2010
Messages
12,730
Points
113
I am rather disturbed by the comments made recently by DBS, who claim to be the “safest bank in Asia” when they said the following.

“bank officials said its investigation into recent unauthorized withdrawals showed that anti-skimming devices had been breached in two ATMs along Bugis Street in late November”

“A total of 2,700 customers had their ATM cards compromised, but only 400 had unauthorized transactions amounting to S$500,000 deducted from their bank accounts via ATM machines in Malaysia on 4 and 5 January”

They said that the 2 ATMs were breached in November, and a total of 2,700 customers had their ATM cards compromised. 2,700 clients is really like a sore thumb sticking out, but why is it DBS waited till now to inform us of the breach?

When they said 2,700 customers had their ATM cards compromised, what does it mean, were there any fraudulent transactions that resulted in these 2,700 customers being classified as “compromised”?

Next they went on to provide this lame excuse.

“Karen Ngui, managing director and head group strategic marketing and communications at DBS, explained that all of its ATM machines around the island always had anti-skimming devices installed, but these were not 100 per cent fool-proof and “crooks could have bypassed the security measure”It seems that Karen Ngui, knows that the anti-skimming devices installed are not fool proof, yet why did she not flag it as an audit issue, and why were customers not informed that DBS was using a device that is not “fool proof” ?

Does this mean that all the anti-skimming devices installed at ATM’s today by DBS are rendered useless now, and we are vulnerable to similar attacks?

She also went on to say this.

“It is an unfortunate incident and it is clearly not a lapse in security, as similar skimming fraud incidents do occur once in a while to banks around the world,” said Ngui.

Since she is saying that this is “similar” and knows this occurs once in a while around the world, why is it DBS did not take a “lessons learnt” approach to prevent this from happening? This is not a lapse of security but a lapse of negligence, because DBS have firsthand knowledge of this happening around the world.

In a nutshell, this excuse sounds like the PAP “once in every fifty years” flood excuse, what if one day we were told a computer virus ate up our CPF and reserves, and the system is not 100 percent fool proof?

Singaporeans should not be fooled when parties claim to be “safest or best”, and we should not put all our eggs into one basket.


- http://www.tremeritus.com/2012/01/14/dbs-fiasco-negligence-or-security-lapse/
 
Re: Another POND - DBS' Karen Ngui says skimming incidents were not a breach of secur

It is a breach of security but it's not the bank's security that is breached. It is the dumb consumers who have compromised their accounts by not being able to recognise a skimming device when it's staring them in the face.

The onus is on bank customers to keep their pin numbers safe. If they allow the security of their pin codes to be breached, they only have themselves to be blamed if their accounts are compromised.

DBS didn't disclose their pins to a skimming device. They did that all by themselves.

The crooks obviously did their homework and aware that customers of POSB/DBS generally have lower IQs and are less educated compared to customers of other banks. That's why they targetted DBS ATMs.
 
Re: Another POND - DBS' Karen Ngui says skimming incidents were not a breach of secur

Next they went on to provide this lame excuse.

“Karen Ngui, managing director and head group strategic marketing and communications at DBS, explained that all of its ATM machines around the island always had anti-skimming devices installed, but these were not 100 per cent fool-proof and “crooks could have bypassed the security measure”It seems that Karen Ngui, knows that the anti-skimming devices installed are not fool proof, yet why did she not flag it as an audit issue, and why were customers not informed that DBS was using a device that is not “fool proof” ?

Does this mean that all the anti-skimming devices installed at ATM’s today by DBS are rendered useless now, and we are vulnerable to similar attacks?

She also went on to say this.

“It is an unfortunate incident and it is clearly not a lapse in security, as similar skimming fraud incidents do occur once in a while to banks around the world,” said Ngui.

Since she is saying that this is “similar” and knows this occurs once in a while around the world, why is it DBS did not take a “lessons learnt” approach to prevent this from happening? This is not a lapse of security but a lapse of negligence, because DBS have firsthand knowledge of this happening around the world.

This is definitely security breach but whether it is a security lapse which connotates inadequate security measures or negligence on DBS' part is still not sure. Maybe MAS should convene another BOI? One thing that the BOI should look at is whether DBS has installed security measures they know to be ineffective against skimming. Secondly, they must find out whether this is an inside job e.g. technicians servicing the ATMs are part of the gang.

At any rate, it is ridiculous to compare with banks in other countries when you have several other banks in Singapore in similar environment in Singapore.
 
Last edited:
Re: Another POND - DBS' Karen Ngui says skimming incidents were not a breach of secur

Not breach la. It's Christmas spirit of giving!
 
Back
Top