Swiss bank Julius Baer confirms data theft

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://www.swissinfo.ch/eng/business/Swiss_bank_Julius_Baer_confirms_data_theft.html?cid=33387790

Swiss private bank Julius Baer has fallen victim to data theft by one
of its Zurich staff, chief executive officer Boris Collardi confirmed
to the SonntagsZeitung newspaper on Sunday.

“Following tighter checks and a comprehensive internal investigation,
we recently discovered a case of data misuse and were able to identify
the alleged perpetrator," Collardi told the paper.

The suspected culprit, a Zurich bank employee who purportedly acted
alone, has been arrested. No other details are available about the
offender.

The SonntagsZeitung said the bank had been in contact with customers
in Germany who may have been affected. It said the stolen bank data
was on a CD that was in the hands of the North Rhine-Westphalia tax
investigators. The bank employee had allegedly received a cash payment
for the material.

Last week a German business magazine “Manager Magazin” reported that
German tax inspectors had raided clients of Julius Baer in Germany in
the latest development in a dispute over untaxed money held in Swiss
accounts.

Tax officials in the German town of Aachen told the magazine that they
had carried out the raids on the homes of Baer clients whose names
were on a CD passed to German authorities.

A spokeswoman for the regional North Rhine-Westphalian Ministry of
Finance told Reuters that tax authorities were repeatedly offered CDs
with names of bank clients and had examined their contents.

Swiss banks are under pressure in Europe. The latest reports come
after German tax authorities raided Credit Suisse clients last month,
while French officials searched the homes of rival UBS employees,
deepening the crackdown on foreigners hiding money in Swiss offshore
accounts to dodge taxes.

In 2011 Julius Baer agreed to pay German tax authorities €50 million
(SFr60 million) to end a tax investigation, while Credit Suisse said
it would pay €150 million to end a probe into its employees.

The reported raids come as Germany's main opposition party, the Social
Democrats, has threatened to block a tax deal with Switzerland aimed
at regularising untaxed Swiss accounts held by Germans, arguing it is
too lenient on tax evaders.

Not first time
The SonntagsZeitung reported that the bank Merrill Lynch Switzerland
had also been a victim of data theft.

Two weeks ago Julius Baer agreed to buy Bank of America Merrill
Lynch’s International Wealth Management business based outside the US
and Japan for up to SFr860 million ($879 million).

Collardi said the Merrill Lynch Switzerland incident was "very regrettable".

"But it will not directly affect us. Until the acquisition of the
business goes through, sole responsibility for this lies with Bank of
America Merrill Lynch," he commented.

This is reportedly the third time in ten years the Swiss
private-banking specialist has fallen victim to data theft. In one of
its more famous cases, Rudolf Elmer, a bank official who worked for
Julius Baer in the Cayman Islands, was dismissed in 2002. He then went
public with documents claiming the bank helped tax evaders.

Julius Baer is also currently under fire in the United States, where
it is one of 11 Swiss banks under investigation by US authorities
looking into allegations the banks helped Americans evade taxes. Talks
are on going between the US and Swiss authorities to find a global
solution to the crisis.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.