Risk
3/8/2013
01:25 PM
Connect Directly
RSS
E-Mail
50%
50%

Royal Bank Of Scotland Glitch Tests Customer Loyalty

Managers at The Royal Bank of Scotland have red faces after second IT crash in less than a year annoys millions of customers.

IT problems have flared up again at one of the U.K.'s biggest retail banking chains, less than nine months after a three-day total system blackout.

For at least three hours on Wednesday night, customers of NatWest, Ulster Bank and Royal Bank of Scotland found themselves unable to access their accounts either by phone or online. (All three are brands of The Royal Bank of Scotland, a commercial operation that is majority-owned by the British state following its near collapse during the 2008 banking crisis.)

According to The Guardian, the problem continued well into Thursday morning for some customers. Indeed, this week's problem seems to be in many ways a throwback to the snafu earlier this year, in which British checking account customers were unable to pay their mortgages, settle debts, or even withdraw cash for food, and which left some customers arguing over missed transactions even weeks later. This time, however, the bank denies that the problem is software-related.

[ What are U.K. companies' most pressing security concerns? Read U.K. Public Sector's Top Security Worries. ]

Further stoking customers' anger is the fact that so far the bank seems unwilling to accommodate those who, through no fault of their own, may now face problems on their credit scores and other issues resulting from the glitch.

According to The Guardian, a member of campaign group Move Your Money -- which describes itself as "a national campaign to spread the message that we can help to build a better banking system" – described the downtime as "like [the movie] 'Groundhog Day.'"

In its formal response, the bank said, "We are disappointed that our customers have faced disruption to banking services for a period on Wednesday evening, and apologize for that. All services are now running as normal again." It did not offer any more details about the disruption or how it had been resolved.

However, NatWest reportedly told an IT news site that a "hardware fault" on one of its IBM zSeries mainframes was responsible for blocking customers' access to ATMs and online banking services. (Since branches were closed at that time of night, customers were also unable to interact with tellers.)

The same IT site claims that last year's three-day emergency was due to human error -- allegedly, an employee "hit the wrong button" during what should have been a routine overnight batch job using banking software from CA Technologies to update a system handling inbound payments.

The problems that occurred last June raised an almighty stink in the U.K., and two brownouts may end up being one too many for the Royal Bank of Scotland. The Twittersphere is full of customers swearing to move their business to rivals: "Disgraceful service. Am moving my banking to Santander! You cannot be trusted with our money!!!"

All in all, it's quite amazing in 2013 to see Tier One banks having so many technical problems -- and responding to them with such poor PR.

Rick Falkvinge, the founder of the Swedish Pirate Party and a campaigner for sensible information policy, will present the keynote address at Black Hat Europe 2013. Black Hat Europe will take place March 12-15 at The Grand Hotel Krasnapolsky in Amsterdam.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
PJS880
50%
50%
PJS880,
User Rank: Ninja
3/22/2013 | 8:44:29 PM
re: Royal Bank Of Scotland Glitch Tests Customer Loyalty
I can tell you that if I had all my money stored in a banking facility that was unavailable to me for a number of hours I would no longer be one of their customers. Money is something that you cannot give a second chance of risk for, it may not be available for lack of funds. If you were still customer of the banks after the first episode 3 years ago and were a victim the second time, that is your fault for trusting unreliable sources. Lets see how many customers will let it happen three times.

Paul Sprague
InformationWeek Contributor
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0993
Published: 2014-09-15
Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows remote attackers to execute arbitrary code via a crafted BMP file.

CVE-2014-2375
Published: 2014-09-15
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature.

CVE-2014-2376
Published: 2014-09-15
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2014-2377
Published: 2014-09-15
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag.

CVE-2014-3077
Published: 2014-09-15
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
CISO Insider: An Interview with James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant