TD Bank to pay $850K in multi-state settlement over 2012 breachPosted On: Oct. 15, 2014 12:00 AM CST
(Reuters) — TD Bank N.A. agreed to pay $850,000 and reform its practices to resolve a nine-state probe of a 2012 data breach, New York Attorney General Eric Schneiderman said on Wednesday.
Personal information for 260,000 TD Bank customers nationwide was exposed when the bank lost unencrypted bank up tapes in Massachusetts, Mr. Schneiderman said in a statement.
The settlement requires the bank to ensure that no backup tapes are moved unless they are encrypted and take other steps to better protect personal information, Mr. Schneiderman said.
“This agreement highlights our efforts to evolve our security controls to further benefit our customers,” TD Bank spokeswoman Rebecca Acevedo said in an email.
The bank has not detected any unusual incidents of fraud related to the breach, nor have customers reported them, although monitoring continues, she added.
State attorneys general have launched probes of data breaches, often banding together, as cyber-security problems have been disclosed at businesses from banks to home improvement stores.
This year, states began investigations of breaches at JPMorgan Chase & Co., Home Depot Inc., Ebay Inc. , and retailer Target Corp .
The nine states that investigated the TD Bank breach are Connecticut, Florida, Maine, Maryland, New Jersey, North Carolina, Pennsylvania and Vermont, according to Mr. Schneiderman’s office.