ACH responds to malware incident at Cayman banks

By Staff Writer

In the wake of a computer breach detected last month and subsequently isolated, ACH Cayman Limited (ACH), the company that represents the clearing banks in the Cayman Islands, is advising customers to check with their respective banks if they notice any suspicious activity on their accounts.

“While there is no evidence at this stage that any bank customer data has been compromised, if any client identifies any suspicious activity in connection with any account, please report this to your bank immediately,” ACH said in a press release on Friday.

It reports that on May 21st, it was advised of the detection of malware on the Cayman server at its third party processor. That processor is engaged by ACH to provide clearing settlement services for domestic electronic funds transfers and cheques among the ACH banks.

ACH says only the Cayman server located at the third party processor has been impacted, adding that at this stage there is no evidence that any ACH bank system has been impacted.

Friday’s advisory “is being issued to all ACH bank customers out of an abundance of caution only," the statement says.

The ACH banks are Cayman National Bank Ltd., RBC Royal Bank (Cayman) Limited, Butterfield Bank (Cayman) Limited, Fidelity Bank (Cayman) Limited, FirstCaribbean International Bank (Cayman) Limited and Scotiabank & Trust (Cayman) Ltd.

According to ACH, the malware has been quarantined and removed from the affected Cayman server. Specialist forensic IT security consultants have been appointed to investigate the breach.

Each ACH bank has been notified and will continue to liaise with the relevant Cayman Islands regulators, Friday's press release states.

The company also says it has increased fraud and security monitoring across all systems.

Saying further information will be provided as soon as it is available, it also advises customers to contact their ACH bank if they have any questions.