[Infowarrior] - Wells Fargo Bank Will No Longer Password Protect Business Accounts

Richard Forno rforno at infowarrior.org
Sat Aug 29 15:44:49 UTC 2009 

(via IP)

Begin forwarded message:

From: Lauren Weinstein <lauren at vortex.com>
Date: August 28, 2009 6:59:21 PM EDT

  Warning! Wells Fargo Bank Will No Longer Password Protect Business  
Accounts

              http://lauren.vortex.com/archive/000608.html

Greetings.  This is just a quick heads-up.  I've been informed, and
have verified through multiple sources, that Wells Fargo Bank will now
refuse to password protect business banking accounts.  Callers
punching directly through to an agent without entering identifying
information may be able to obtain full account access using only an
account (e.g. checking account) number, and last four digits of
taxpayer ID or SSN -- all data elements that tend to be widely
available in the course of doing business for many entities.  Note
that Wells Fargo phone agents do not routinely ask for PINs, either.

In theory, Wells claims that if a business already has a password
assigned it will still be honored for now -- but in practice it
appears that many phone agents are simply ignoring the passwords, and
will refuse to set a new one.  Nor can businesses even go into a
branch to assign a password (as, supposedly, consumer account holders
still are permitted to do).

Wells' explanation for this change is that supposedly too many people
forgot their passwords, and that the passwords could be bypassed
anyway with other easily obtainable information.

In fairness, all Wells Fargo representatives I've spoken to about this
agree that's it's a dangerous and stupid (their words!) policy.  After
all, just because some people lock themselves out of their cars, and
it's possible to break in through windows, we still expect auto
manufacturers to provide locks.

Businesses with their accounts at Wells Fargo may wish to reevaluate
their situation in light of this information.  I'll update if and when
I learn more about this significantly outrageous policy change.

--Lauren--
Lauren Weinstein
lauren at vortex.com
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
  - People For Internet Responsibility - http://www.pfir.org

More information about the Infowarrior mailing list