TD Bank Reaches Breach Settlement with Nine States (Oct. 20, 2014)
TD Bank has reached a settlement over a 2012 data breach that compromised customers’ personal information. Under terms of the agreement, the bank will pay $850,000, to be split among nine states that launched a joint probe into the breach: Connecticut, Florida, Maine, Maryland, New Jersey, New York, North Carolina, Pennsylvania and Vermont.
The breach occurred two years ago, when TD Bank reported losing backup data tapes in Massachusetts that contained personal information for 260,000 customers. The bank said it had not detected any instances of fraud relating to the lost data and offered affected customers free credit monitoring services. As part of the settlement, TD Bank agreed to several reforms of its security protocols, including ensuring all data tapes are encrypted before being transported and running a bi-annual review of its security practices.
The settlement comes amid a flurry of data breaches affecting major U.S. retailers and financial institutions coming to light over the past several weeks, including a cyberattack on JPMorgan Chase that exposed personal data related to 83 million accounts. Home Depot also reported an attack in early September.
See related stories: