When Businesses Get Robbed Banks Don’t Care
(Businessweek) — Two years ago hackers stole $5.2 million from the online account of Experi-Metal, a 135-employee metal products manufacturer in Sterling Heights, Mich. The bank, Comerica (CMA), got nearly 90 percent of the money back, but said the unrecoverable $561,000 was Experi-Metal’s problem because the company had allowed a computer to be infected. “The fraud department at Comerica said, ‘What’s wrong with you? How could you let this happen?’ ” says Valiena A. Allison, Experi-Metal’s chief executive officer. The company sued to recover the money, and in June a U.S. District Court judge in Detroit found that Comerica’s response didn’t meet standards of good faith and fair dealing. Comerica agreed to pay almost the entire amount. (The bank declined to comment, beyond saying that the matter was resolved.) Cybercrooks are stealing as much as $1 billion a year from the accounts of small and midsize companies in the U.S. and Europe, according to estimates from Dell SecureWorks (DELL), a security arm of the PC maker. Overseas gangs target small commercial accounts protected by rudimentary security measures at community or regional banks. The accounts typically aren’t covered by fraud insurance, as individual accounts are, and businesses often find themselves on the hook for losses.