Bank of America and Wachovia are among major banks whose customers' accounts and personal identity information may be at risk because of a scheme by bank employees who allegedly sold the data to a middleman who then brokered it to collection agencies.
Over the last four years, police say as many as 500,000 accounts at 10 banks may have been compromised.
Police in Hackensack, N.J., are investigating the employee theft ring, which reportedly affects bank customers from New Jersey, Florida, Georgia, Maryland, North Carolina, South Carolina and Pennsylvania. Ten arrests have been made so far, including several bank employees.
In an unrelated case, a laptop containing the names and Social Security numbers of about 16,500 current and former employees of MCI was stolen in Colorado Springs last month.
MCI said the computer was stolen from a financial analyst's car while it was parked in the analyst's home. There's no indication the data has been used in any kind of identity theft operation, the company said. Employees whose data was stolen have been notified.
Investigators also say there's no indication the purloined bank records have been used in any kind of identity theft scheme.
Other banks whose customers may have been targeted include Commerce Bancorp and PNC.
Bank of America says it has notified 60,000 customers so far that their records may have been stolen. Wachovia has notified 48,000 customers and says it will provide them with one year of free credit monitoring.
Among those arrested was Orazio Lembo, 35. He allegedly provided the bank workers with names and Social Security numbers of consumers sought by debt collectors. The bank employees would then supply the customers' current address and bank account information to Lembo, who would sell it to a client list of more than 40 collection agencies and law firms.