Early the morning of November 30, 2017, the informational Inwood Bank website was unresponsive. The vendor hosting the website determined that an unauthorized person was able to access and modify a single file in the hosted website service. It appears the intent was to redirect traffic to support the distribution of bitcoin mining malware.
The vendor has identified the time window when the redirect was active as 6:26 am until 8:42 am CT. The site was intentionally taken offline from 8:42 am until 10:30 am to remedy the issue.
The vendor’s Security and Support teams have isolated the specific code through forensic analysis and have determined that end user systems were not affected and there is no danger of malware and, therefore, no action is needed for end users.
The vendor is continuing forensic analysis with a 3rd party provider to determine root cause and hand over all information to proper authorities on this matter. Inwood Bank is confident there was no loss of funds, access of any bank accounts, or compromise of customer data.
If you have any questions, please contact your account officer or the Call Center @ 214-351-7330.