Man
Professional
- Messages
- 3,077
- Reaction score
- 614
- Points
- 113
One of Peru's largest banks, Interbank (formerly International Bank of Peru, Banco Internacional del Perú), reported a data breach that occurred after a failed ransomware attack. The attacker who hacked into the systems of the financial institution has already begun to leak the stolen data into the network.
"We discovered that some customer group data was disclosed to a third party without our permission. In this regard, we immediately took additional security measures to protect our customers' transactions and information", Interbank said.
Interbank emphasizes that most transactions are now carried out normally, and customer deposits are safe. Although in recent weeks, users have repeatedly reported failures in the operation of mobile applications and the bank's online platform.
So far, the organization has not disclosed the exact number of affected customers whose data was stolen or exposed as a result of the hacker attack. But the publication Bleeping Computer writes that a hacker under the nickname kzoldyck has already put information up for sale on several hacker forums.
The attacker claims to have stolen Interbank's full customer names, account IDs, dates of birth, addresses, phone numbers, email addresses, and IP addresses, as well as bank card and CVV numbers, card expiration information, banking transaction data, and other sensitive information, including cleartext credentials.
"The information of more than 3 million [Interbank] customers, in addition to the data that I have already posted. I also have clean customer usernames and passwords, which allows me to access bank accounts from the Peruvian IP block (for some of them there are restrictions on biometric verification by photo)", the attacker writes. "So far, I have uploaded a part containing information about more than 3 million customers. The total amount of data exceeds 3.7 TB. I got a lot of internal API credentials, LDAP, Azure, and so on".
Kzoldyck has already published samples of the stolen data and said that negotiations with the management of Interbank began two weeks ago. However, according to the hacker, the extortion attempt failed, as the bank decided not to pay the ransom to the attackers.
"We discovered that some customer group data was disclosed to a third party without our permission. In this regard, we immediately took additional security measures to protect our customers' transactions and information", Interbank said.
Interbank emphasizes that most transactions are now carried out normally, and customer deposits are safe. Although in recent weeks, users have repeatedly reported failures in the operation of mobile applications and the bank's online platform.
So far, the organization has not disclosed the exact number of affected customers whose data was stolen or exposed as a result of the hacker attack. But the publication Bleeping Computer writes that a hacker under the nickname kzoldyck has already put information up for sale on several hacker forums.
The attacker claims to have stolen Interbank's full customer names, account IDs, dates of birth, addresses, phone numbers, email addresses, and IP addresses, as well as bank card and CVV numbers, card expiration information, banking transaction data, and other sensitive information, including cleartext credentials.
"The information of more than 3 million [Interbank] customers, in addition to the data that I have already posted. I also have clean customer usernames and passwords, which allows me to access bank accounts from the Peruvian IP block (for some of them there are restrictions on biometric verification by photo)", the attacker writes. "So far, I have uploaded a part containing information about more than 3 million customers. The total amount of data exceeds 3.7 TB. I got a lot of internal API credentials, LDAP, Azure, and so on".
Kzoldyck has already published samples of the stolen data and said that negotiations with the management of Interbank began two weeks ago. However, according to the hacker, the extortion attempt failed, as the bank decided not to pay the ransom to the attackers.
