(Reuters) - TD Bank agreed to pay $625,000 and tighten security practices to resolve a probe into a 2012 data breach that affected more than 260,000 customers, and which it was too slow to report, Massachusetts Attorney General Martha Coakley said on Monday.
Coakley said TD lost unencrypted computer server back-up tapes containing customers’ personal information in March 2012 but waited until October of that year to alert her office and customers, more than 90,000 of whom were in Massachusetts.
Data on the tapes may have included customer names, account numbers and Social Security numbers, Coakley said.
TD began an internal investigation into the loss upon learning that the tapes, which were to have been transported by a third-party courier between TD offices, had never arrived.
To resolve the probe, TD, a unit of Canada’s Toronto-Dominion Bank (TD.TO), will pay $325,000 in civil penalties, $225,000 to a state education fund and $75,000 for costs. It was credited $200,000 to reflect security upgrades it has already made.
TD cooperated throughout the probe, Coakley said.
A bank spokeswoman, Judith Schmidt, confirmed the settlement and said TD is unaware of any fraud related to the breach.
Reporting by Jonathan Stempel in New York; Editing by Leslie Adler