S Bank’s logo outside a branch office in Espoo in May 2020. A system error in the supermarket bank’s online banking services allowed customers to obtain at least one million euros by making unauthorised transfers from other accounts and using the log-in credentials of others to apply for consumer credit. (Heikki Saukkomaa – Lehtikuva)


THE ERROR in S Bank’s online banking services was exploited to conduct wrongdoings by a mostly underage group of friends and acquaintances, reports Helsingin Sanomat.

Klaus Geiger, the detective chief inspector leading the pre-trial inquiry at Western Uusimaa Police Department, stated to the newspaper last week that the suspected ringleader, who is in pre-trial detention, is 16 years old, similarly to many of the other suspects.

A handful of adults, meanwhile, is believed to have helped the youngsters to transfer the fraudulently obtained money to other accounts. “They’ve spent the money and given bank accounts for transferring the stolen money,” said Geiger.

Altogether fewer than 10 people are suspected of wrongdoing in connection with the case.

Read more:

He also revealed that the suspects detected the vulnerability in the online banking system by chance, meaning they required no programming know-how or cyber attack to carry out the wrongdoings.

S Bank confirmed last week that the system error allowed a “limited group of customers” to access the online banking services of others for almost four months, between late April and early August. It was exploited also to make unauthorised bank transfers, log in to third-party online services and commit other wrongdoings.

The error, it stressed, was patched up immediately upon its detection, on 5 August.

Geiger told Helsingin Sanomat that the suspects managed to spend most of the stolen money on “living large” and investing in cryptocurrencies.

MTV Uutiset on Thursday reported that the profits obtained by the perpetrators add up to one million euros, with the suspects obtaining around 940,000 euros with bank transfers as well as utilising the log-in credentials to apply for consumer and payday loans.

Officers at Western and Eastern Uusimaa Police Departments are looking into a total of 53 aggravated means of payment frauds and around 150 computer break-ins in connection with the case. The victims of the wrongdoings reside all over Finland.

Aleksi Teivainen – HT