A bit of a scary story for a company that tried to protect itself (2 factor authentication, follow-up confirmation calls) but still lost out in the end (bank failed to do some of the initial confirmation calls).
http://krebsonsecurity.com/2012/05/house-committee-to-probe-e-banking-heists/#more-15245