Spelling error saves bank $920 million!

Recently it has emerged that hackers, (or perhaps as we should more accurately call them, cyber-thieves), took about $80m (about £56m) from Bangladesh’s central bank.

Apparently the bank had no firewall and used second-hand routers that cost $10 to connect to global financial networks. In what might seem a world-class understatement, an official investigator has been quoted (by Reuters) as saying that better security and hardware would have made attempts to hack the bank more “difficult”…

To commit the attack the perpetrators spent time studying the internal processes of Bangladesh’s central bank so they could convincingly pose as officials when requesting the transfers.

Damn clever these cyber-thieves huh?

Well, err, no, not really. All they got away with was a lousy $80m. (How far will that go these days?). What they were actually after was a bit more than that: They tried to get away with a cool $1bn (£700m), but a spelling mistake in the name of one recipient of funds led another bank, (which was unknowingly helping route the cash), to ask for clarification from the Bangladesh central bank, which then stopped the transaction.

So, there’s are several obvious lesson to be learned here:

  • If you’re a bank, (or any organisation that holds other people’s money/personal data), splash out on a firewall and some decent hardware. (You can get things like this in Currys). Or, better still, why not take some advice from cybersecurity experts and perhaps consider going for ‘Cyber Essentials’?
  • If you’re (would-be) a cyber-thief, maybe think about paying more attention at school or even staying on a bit longer. You (now) know it’s worth it.



This article is intended for informational purposes only and should not be relied upon as legal advice.


While you’re here, why not take out DP Test?

To contact DataHelp email robert.wassall@datahelp.co.uk or call 07902 395989

Leave a Reply

Your email address will not be published. Required fields are marked *