TD Bank NA, which lost electronic files containing information for as many as 260,000 customers in 2012, agreed to pay $850,000 to settle a multistate probe into the security breach, New York's attorney general said.
The unit of Canada's Toronto-Dominion Bank (TD) lost unencrypted backup tapes containing 1.4 million customer files with information accumulated over at least eight years, Attorney General Eric Schneiderman said. The accord also requires the bank to improve its data-security practices.
"There has to be one set of rules for everyone, and that includes the big banks and financial institutions entrusted with protecting the sensitive personal information of customers," Schneiderman said in a statement.
The settlement, announced today, comes as regulators across the U.S. begin to examine a much larger breach of JPMorgan Chase & Co. (JPM)'s systems, through which hackers got access to data for as many as 76 million households. The New York-based bank, the biggest in the U.S., said this month there's no evidence account numbers or passwords were stolen.
Connecticut Attorney General George Jepsen's investigators have been in contact with JPMorgan about the breach, Jaclyn Falkowski, his spokeswoman, said. Illinois Attorney General Lisa Madigan and Rhode Island Attorney General Peter Kilmartin are also investigating. Nick Benson, a spokesman for Schneiderman, declined to comment on whether New York is probing the breach.
The number of cyber-security incidents globally has soared 48 percent to 42.8 million this year, according to a PricewaterhouseCoopers LLP survey.
Data breaches in New York more than tripled from 2006 to 2013 and cost businesses in the state at least $1.37 billion last year, according to a report Schneiderman released in July.
