By Wolfe, Daniel
American Banker , Vol. 176, No. 100
Byline: Daniel Wolfe
Citi Veteran Busted
A former Citigroup Inc. accountant was charged this week with embezzling more than $19 million from the company.
Gary Foster was arrested Sunday for allegedly moving the funds from Citi debt adjustment and interest expense accounts into a personal account he held with JPMorgan Chase & Co., The New York Times reported Tuesday. He was arrested Monday at Kennedy Airport in New York after returning from an international trip. He pleaded not guilty Monday to charges of bank fraud, the article said.
Foster allegedly made eight separate transfers to move the money to his personal account, the article said. He used false contract or deal numbers in the reference line of the wire transfers to obscure the nature of the transactions, according to federal prosecutors. Foster quit his job for unknown reasons in January, the article said. According to his profile on LinkedIn, Foster is now a part-time hedge fund consultant. Foster owns six properties across New York and New Jersey, the Times said.
The fraud was discovered when Citi conducted an internal audit in recent weeks, the article said. Citi said it immediately contacted law enforcement officials.
Separately, Citi said Friday that the hackers who compromised 360,000 of its credit card accounts caused $2.7 million in losses to about 3,400 customer accounts, according to Bloomberg News. Citi said it plans to reimburse the affected customers.
Sony Corp. may have left itself open to its massive data breach by laying off its security staff just before the attack, a class action alleges.
"Just two weeks before the April breach, Sony laid off" members of "the group that is responsible for preparing for and responding to security breaches," the lawsuit says, citing a confidential witness.
Ars Technica said in a Friday article that this accusation is "perhaps [the] most damning" claim in the lawsuit. Other allegations are weaker, the article said, such as an accusation that Sony is covering up for weak security when it refuses to disclose its encryption methods.
The suit says that Sony's security around consumer data was below its level of security for its development server, suggesting that Sony valued its own data above that of its customers.
Lulz Security, the hacker group that has claimed credit for attacks on Sony Corp., Nintendo Co. Ltd. and other companies and law enforcement agencies, said it's had enough.
The group claimed to have intended to operate for only 50 days, Ars Technica reported Monday. However, the group also claimed during its Friday exposure of data from the Arizona Department of Public Safety that it planned to release more documents. The conflict may simply be one of branding: "If such releases are made, they won't be under the LulzSec brand," the article said.
The decision may be behind the political motivations of the recent attacks on law enforcement agencies, Ars Technica said. "LulzSec always maintained that it was motivated by amusement rather than political principles, and yet the decision to specifically make law enforcement agencies the target was apparently a political one." However, LulzSec hasn't shifted its ideology completely: One of its last breaches exposed data on users of forums linked to the video game "Battlefield Heroes. …