NEW YORK—A hacker is selling the purported data of 30-million customers of Spanish multinational bank Santander for $2 million on a criminal online forum the FBI recently attempted to shut down, according to a new report.
Bank Info Security is reporting that a listing on the BreachForums data leak marketplace by administrator ShinyHunters says the data set contains six-million account numbers and balances and 28-million credit card numbers belonging to Santander customers located in Chile, Spain and Uruguay as well as internal employee data.
‘Unauthorized Access’
The bank disclosed on May 14 that it detected "unauthorized access to a Santander database hosted by a third-party provider," Bank Info Security said.
The report notes that the bank's most recent quarterly report lists considerably fewer than 30 million clients in the three affected countries - just four-million in Chile, 15 million in Spain and half a million in Uruguay.
"No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords,” Bank Info Security quoted the bank as saying. “The bank's operations and systems are not affected, so customers can continue to transact securely.”
Data Set Appears Genuine
Sample data posted online by ShinyHunters suggests the data set is genuine, said Richard Bird, chief security officer at Traceable AI and a former JPMorgan Chase security executive, who reviewed it at Information Security Media Group's request.
“Sections of the spreadsheet appear to be data contained within customer information files, including records of the last time that Santander verified the contact information of a client. Recent dates include verifications made at the start of this month,” Bank Info Security said.
How to Sign Up For the Best Daily News Email in Credit Unions? (It’s Free!)
Every workday CUToday.info delivers the most comprehensive, freshest daily newsletter with the day’s news headlines, including links to the related articles. The Fresh Today newsletter is the most timely, relevant and widely-read source of news and information in the CU community. And it’s free!
If you haven’t yet signed up for the new email solution on which CUToday.info has partnered with ResponseGenius, you can do so here. Signing up requires less than one minute of your time—and it’s free!
Please note that after signing up you may need to go to your Spam/Junk folder and mark the morning headlines email as safe. CUToday.info does not provide its list of readers and emails to outside parties,
And did we mention it’s free?