Is it possible that Swedbank is hacked and all the money destroyed?

[johnyj]

Since Tuesday afternoon, Sweden's biggest bank Swedbank is down for all of its services including bank card, ATM, online banking and mobile payment. In one word, any one who have an account in Swedbank are not able to access it

http://www.dn.se/ekonomi/stora-teknikproblem-for-swedbank-1/

As we all know, the banks only hold some database which is essentially some numbers, what if some insider hack into the central server of the banks and wipe out all those numbers? And then all the money will be gone?

I just don't really understand how this all works. During old times, banks still holds lots of notes and gold as the hard asset, so even if their checkbook are destroyed, they would still be able to reconstruct the whole balance sheet. But today almost all the assets are numbers, and the destroy of the database will essentially wipe out every asset in the bank

Can they easily take a back up and restore all those numbers? If they really can do that, who can guarantee they would not use this method to reverse the transaction?  

[1714287828]

1714287828

[1714287828]

1714287828

[1714287828]

1714287828

[1714287828]

1714287828

[adamstgBit]

Swedbank shoulda woulda coulda used Blockchain Technology. 

[achow101]

Banks constantly backup their databases. If they were hacked, they could restore the database from a backup. Banks can also reverse transactions without having to restore from a backup. They have full control over the databases, and can simply reverse a transaction if they have "probable cause" Banks are trusted to not reverse transactions, and typically, the customer receives a bank statement of all of the transactions, and can download at anytime the transactions of their bank account. If the customer has proof that he made a transaction, but the bank reversed that without warning or cause, he could sue the bank and get the bank into a lot of trouble. It is in their best interest to not reverse transactions because it keeps customers and thus they profit.

[pitham1]

As we all know, the banks only hold some database which is essentially some numbers, what if some insider hack into the central server of the banks and wipe out all those numbers? And then all the money will be gone?

FUD. Even third rate companies have Business Continuity Plans / Disaster Recovery Plans. The database is usually backed up in multiple places, across geographies. I don't see a bank failing to take care of this basic operational risk.

The regulators are not going to sit idle if this happens.  

[johnyj]

Banks constantly backup their databases. If they were hacked, they could restore the database from a backup. Banks can also reverse transactions without having to restore from a backup. They have full control over the databases, and can simply reverse a transaction if they have "probable cause" Banks are trusted to not reverse transactions, and typically, the customer receives a bank statement of all of the transactions, and can download at anytime the transactions of their bank account. If the customer has proof that he made a transaction, but the bank reversed that without warning or cause, he could sue the bank and get the bank into a lot of trouble. It is in their best interest to not reverse transactions because it keeps customers and thus they profit.

Since it is a database, banks can do much more operations without customer knowing it. I know that even someone from government can have the authority to freeze or deduct certain amount from an account

But my question is about how banks agree on differences. Suppose that bank A claim that he has an account with 2 billion savings in Bank B and Bank B just deny the claim because it is not shown in their database after a database upgrade, then bank A will suddenly lose 2 billions. They can go to court, but having two different truth contradict with each other does not make the judge any wiser

How do you prevent a bank from modifying the database in order to get rid of some debt/negative balance?

The only way I can think of is through mutual destruction model: Bank A holds an account of 2 billion dollar at bank B, and bank B holds an account of 2 billion dollar at bank A, and they try to keep the difference between those accounts as small as possible to reduce the risk. If bank B suddenly shutdown, then bank A will easily take over bank B's account at bank A without incur huge loss

[johnyj]

As we all know, the banks only hold some database which is essentially some numbers, what if some insider hack into the central server of the banks and wipe out all those numbers? And then all the money will be gone?

FUD. Even third rate companies have Business Continuity Plans / Disaster Recovery Plans. The database is usually backed up in multiple places, across geographies. I don't see a bank failing to take care of this basic operational risk.

The regulators are not going to sit idle if this happens.  

I'm not sure if regulators have the authority to go into the bank's central database and audit

The backups might help a bit, but since those backups might be done once a day or once a month, you can not reverse anything happened during the day, and if you reverse, there will be lots of double spending

[Gleb Gamow]

https://www.swedbank.com/about-swedbank/index.htm

Swedbank is a modern bank firmly rooted in Swedish savings bank history. We are an inclusive bank with 8 million private customers and more than 600 000 corporate and organisational customers.

This makes us Sweden’s largest bank in terms of number of customers and gives us a leading position in our other home markets of Estonia, Latvia and Lithuania. As a major bank, we are a significant part of the financial system and play an important role in the local communities we serve. We are dedicated to helping our customers, our shareholders and society as a whole stay financially sound and sustainable.

This is fuckin' weird! Not even ~2 hours ago a local guy was just telling me about concerns in the Baltic countries stemming from Russia. I wonder if there's a connection.

[Gleb Gamow]

http://www.bloomberg.com/quote/SWEDA:SS/profile

Key Executives for Swedbank AB (SWEDA)

Michael Wolf
President/CEO

Meet the Wolf of Baltica.

[johnyj]

http://www.expressen.se/nyheter/omfattande-tekniska-problem-for-swedbank/

[achow101]

Banks constantly backup their databases. If they were hacked, they could restore the database from a backup. Banks can also reverse transactions without having to restore from a backup. They have full control over the databases, and can simply reverse a transaction if they have "probable cause" Banks are trusted to not reverse transactions, and typically, the customer receives a bank statement of all of the transactions, and can download at anytime the transactions of their bank account. If the customer has proof that he made a transaction, but the bank reversed that without warning or cause, he could sue the bank and get the bank into a lot of trouble. It is in their best interest to not reverse transactions because it keeps customers and thus they profit.

Since it is a database, banks can do much more operations without customer knowing it. I know that even someone from government can have the authority to freeze or deduct certain amount from an account

But my question is about how banks agree on differences. Suppose that bank A claim that he has an account with 2 billion savings in Bank B and Bank B just deny the claim because it is not shown in their database after a database upgrade, then bank A will suddenly lose 2 billions. They can go to court, but having two different truth contradict with each other does not make the judge any wiser

How do you prevent a bank from modifying the database in order to get rid of some debt/negative balance?

The only way I can think of is through mutual destruction model: Bank A holds an account of 2 billion dollar at bank B, and bank B holds an account of 2 billion dollar at bank A, and they try to keep the difference between those accounts as small as possible to reduce the risk. If bank B suddenly shutdown, then bank A will easily take over bank B's account at bank A without incur huge loss

Banks do not share databases typically. Sending money goes through some system, and that transaction is recorded on both sides, and possibly a third party. Then, once the money "leaves" one bank's system, it no longer becomes their problem, and they do not need to and they likely do not keep track of account balances in other banks. If someone claims that they have money in a bank but the bank says that they do not, then the bank statements and records sent out to customers will prove that the customer has that amount in the bank account and that the bank screwed up.

[johnyj]

Banks do not share databases typically. Sending money goes through some system, and that transaction is recorded on both sides, and possibly a third party. Then, once the money "leaves" one bank's system, it no longer becomes their problem, and they do not need to and they likely do not keep track of account balances in other banks. If someone claims that they have money in a bank but the bank says that they do not, then the bank statements and records sent out to customers will prove that the customer has that amount in the bank account and that the bank screwed up.

Suppose that I'm a bank and have my customer's deposit registered in my database, it has nothing to do with any other banks. I just run FRB and my customer will never know if I have money in the bank until a large scale of withdraw happens (And I can borrow money if they withdraw). All the transactions between my customers are just some number change in my own database without the moving of any money

However, if one of my customer Bob want to send $500 to his account at bank B, he would either withdraw cash and then deposit it to bank B (which is very rare), or he uses bank's online service to do a wire transfer. In wire transfer, I will subtract $500 from his account balance in my database, and bank B must add $500 to his account balance at the same day. In order to do that, I must establish some relationship with bank B and have a common communication protocol, which is the clearing system

However, even the communication protocol is reliable, I could still send 2 billion dollar into bank B, without subtracting same amount of numbers in my database, what I do with my database is totally up to me, if no one is overseeing it

And by doing this I could double spend 2 billions. So I guess banks must have a means to control this kind of risk, either through someone overseeing all the banks' databases (which is very unlikely), or through some mutual contract between banking members? Or they don't control it at all and double spending is a daily business? 

[Blazr]

The short answer is that many banks internal payment systems are incredibly similar to the Bitcoin network and blockchain. You can't easily modify a banks database without it being obvious it has been tampered with and possible to revert. However what crooks have done in the past is put fake deposits into the system and try to cash them out, there are many ways to accomplish this, this has happened to Bitcoin exchanges before where API keys belonging to payment processors were stolen and deposits forged. Whenever this happens banks can still "chargeback" the money in some cases and they have fraud detection systems to try and detect this kind of thing.

[LiteCoinGuy]

there seems to be no single english or german news about that...wtf...google..  

[Gleb Gamow]

there seems to be no single english or german news about that...wtf...google..  

Statoil ASA (NYSE:STO) was upgraded by research analysts at Swedbank from a “sell” rating to a “neutral” rating in a report released on Monday.

In the US, Swedbank was downgraded from a Bank to merely recommending buy, sell and neutral ratings.

[johnyj]

The short answer is that many banks internal payment systems are incredibly similar to the Bitcoin network and blockchain. You can't easily modify a banks database without it being obvious it has been tampered with and possible to revert. However what crooks have done in the past is put fake deposits into the system and try to cash them out, there are many ways to accomplish this, this has happened to Bitcoin exchanges before where API keys belonging to payment processors were stolen and deposits forged. Whenever this happens banks can still "chargeback" the money in some cases and they have fraud detection systems to try and detect this kind of thing.

It could be the banker himself, not necessary to be the hacker. How could you prevent a banker from adding 2 trillion dollars in his own banks?

For enterprises, they can not make fake income, because those capital have to come from some bank account, and banks oversee all of their capital flow. But for banks, if no one is overseeing them, they could easily modify the database and forge income at will

When commercial banks make loans, they must keep some reserve at central banks, but there is no requirement if they don't make loans. Central banks' balance sheet is public, but not commercial banks

One further thought, many bank failures during financial crisis seems to prove that commercial banks can not forge money at will, otherwise they would never go down. So what is preventing them from modifying their database? Banking regulators? Accountant?

[bitllionaire]

I think that such thing will never happen with a bank

They must have lots of backups of the whole data they manage

[Error404]

Yes No system is safe , no security unhackable and security is just an illusion , What hackers saying because its too posible because our life was a modern technology and there are people who can hack it but they dont know who is he/she thats why social media is unsafe for the person who has a secret because they want to the information is free

[virtualx]

Since Tuesday afternoon, Sweden's biggest bank Swedbank is down for all of its services including bank card, ATM, online banking and mobile payment. In one word, any one who have an account in Swedbank are not able to access it

http://www.dn.se/ekonomi/stora-teknikproblem-for-swedbank-1/

As we all know, the banks only hold some database which is essentially some numbers, what if some insider hack into the central server of the banks and wipe out all those numbers? And then all the money will be gone?

I just don't really understand how this all works. During old times, banks still holds lots of notes and gold as the hard asset, so even if their checkbook are destroyed, they would still be able to reconstruct the whole balance sheet. But today almost all the assets are numbers, and the destroy of the database will essentially wipe out every asset in the bank

Can they easily take a back up and restore all those numbers? If they really can do that, who can guarantee they would not use this method to reverse the transaction?  

It seems like their payment network is down. While it may be that their database is corrupted, this is less likely because banks probably have backups. In these modern times, the most valuable asset of a bank is their data center.

I don't have any data on how easily they can back up, but I suppose they can because there have been a few dozen hacks of banks in last few years and I don't think those were without damage.

[Turn0ff]

Who is Swedbank?

We aren't talking about a major actor on the global arena here, so why care?

[Cryptowatch.com]

It's not too many years ago Sweden suffered another major financial scam:
http://www.bloomberg.com/apps/news?pid=newsarchive&sid=aqZC29HC0rns