Skip to content
 

Computer Intrusion: Is a SAR required?

Answered by: 
Barbara Hurst
Dana Turner

Question: 
Have received an e-mail from someone stating that they have broken our Internet system and will contact our customers if we do not contact them immediately. Of course we did not, but I did notify the Dept of Financial Institutions and they seem to think I should prepare a SAR for this. Can you help me? We have not had any losses, therefore there is no information to report on the SAR.
Answer: 

Answer by Barbara Hurst:

The instructions on the SAR are pretty explicit - look on page 5 for guidance. COMPUTER INTRUSION: is defined as....... gaining access....... It does not mean attempted intrusions of websites or other non-critical information systems of the institution that provide no access to institution or customer financial or other critical information. From what you described, you may not need to file. But, if you think you have a real threat on your hands, and a contact, I'd go ahead and file. Can't hurt!

Answer: 

Answer by Dana Turner:

Please, oh please -- contact your local law enforcement agency immediately and file a report. This is likely not theonly occurrence. And a terrorist threat delivered by telephone is a crime that the FBI may also investigate.

First published on BankersOnline.com 10/1/01

First published on 10/01/2001

Filed under: 
Security
Filed under security as: 
Internet
IT
SAR

Report a problem with this page

Search Topics