Banking System Breach Case Study

ABCXYZ Bank is a regional bank with international branches around the world. Recently, unknown hackers broke into the bank's systems and stole confidential data about many clients. This included their full personal information, credit card numbers, details of their accounts and the recent transactions they made. They also stole a number of documents that were proprietary to the bank.

The hackers published some of the stolen data. They did not seek any benefits from this; they just wanted to show-off and damage the bank's repetition. They promised to publish more data and share the proprietary documents. The bank was under fire from the media, the public and the regulatory bodies.

Top management panicked and had an emergency meeting to decide on suitable actions. They also needed to prepare a public statement about the incident.

The bank's CEO suggested playing down the magnitude of the attack by stating that while a small portion of the leaked data was accurate, most of it was fabricated. This was not the case, as all the data leaked was in fact both accurate and recent. He further suggested claiming that the magnitude of the attack was very limited and that the IT security team managed to stop it. He further proposed stating that all clients' data is now secure and no further attacks can ever happen in future.

In this Assignment, you will analyse the legal and regulatory as well as the ethical and professional responsibilities of the bank in this case. You will then reach a conclusion as to whether the bank should proceed with the CEOs suggestion in order to save its repetition.

To prepare for this Assignment:

Review the Learning Resources for week 2, particularly the resources on codes of conduct and professional practice for IT professionals.

Review the Learning Resources , especially the resources on data protection acts and regulations.

Research the relevant laws and regulations in your region.

Research similar cases where banking systems were breached and the reactions from banks and regulatory bodies. For example, see this article:

Goldstein, M., Perlroth, N. and Sanger, D.E. (2014) Hackers attack cracked 10 financial firms in major assault, The New York Times, 3 October. Available at: https://dealbook.nytimes.com/2014/10/03/hackers-attack-cracked-10-banks-in-major-assault/?mcubz=0 (Accessed 17 August 2017).

Submit a paper in which you address this scenario by:

Discussing the relevant laws and regulations that apply to the given scenario in your region or a region of choice.

Analysing the current situation of the bank and the various pressures and factors that need to be considered in making the decisions.

Analysing the impact of the stolen proprietary documents in terms of a breach of intellectual property laws.

Determining what the legal and regulatory obligations of the bank are in this scenario.

Examining what the ethical and professional responsibilities of the bank are in this scenario.

Addressing the main question, which is whether the bank should proceed with implementing the CEOs proposals to save its repetition and avoid further reputational damage. Justify your answer in the light of IT professional and ethical practices and relevant legislations and regulations in your region.

Discussing alternative decisions that bank could take and their impact.

Your document should have 750-1,000 words (not including the list of works cited). Cite and reference all sources using the Harvard referencing style