Why? The compliance requirements don't require hashing (iirc, "commercially reasonable" protection is/was the standard), so you should assume that any other bank is doing the same thing, as they probably are.
All that is needed to steal your money is the bank account number, which you probably have mailed out or otherwise provided to numerous random third parties, who process them with other third parties. There's almost no information in there that isn't already available to anyone who cares to look.
A more reasonable approach that actually impacts your security would be:
- Opt-out of electronic communication and get paper statements and account notifications. (This ensures that you receive notice, in the mail, about changes of address and other changes)
- Opt-in to notifications about large transfers or low balances.
- Disable Bill Pay features at the bank.
- Disable external ACH transfers.
- Request wire transfer privileges, which with some banks allows you to get a physical token to secure access to your account.
- Use a dedicated PC/iPad/Chromebook/etc for your banking to reduce the risk of malware capturing your banking details.
If you're going to switch banks over this, look for a credit union small enough that they use an off the shelf banking solution, and figure out what the default configuration of the solution is.
Thanks for recommendations. I will admit I overreacted when I saw the headline and found out it was PNC. Just not the thing I expected to start my day hearing.
I already use 2FA, a unique password only with PNC and alerts on all account activity, including logins.
All that is needed to steal your money is the bank account number, which you probably have mailed out or otherwise provided to numerous random third parties, who process them with other third parties. There's almost no information in there that isn't already available to anyone who cares to look.
A more reasonable approach that actually impacts your security would be:
- Opt-out of electronic communication and get paper statements and account notifications. (This ensures that you receive notice, in the mail, about changes of address and other changes)
- Opt-in to notifications about large transfers or low balances.
- Disable Bill Pay features at the bank.
- Disable external ACH transfers.
- Request wire transfer privileges, which with some banks allows you to get a physical token to secure access to your account.
- Use a dedicated PC/iPad/Chromebook/etc for your banking to reduce the risk of malware capturing your banking details.
If you're going to switch banks over this, look for a credit union small enough that they use an off the shelf banking solution, and figure out what the default configuration of the solution is.