In May, Santander Bank faced a significant cybersecurity breach that affected millions of its customers and employees worldwide. The hacking group ShinyHunters claimed responsibility for the attack, which also targeted Ticketmaster earlier in the week. Santander apologized for the breach, acknowledging the concerns it has raised among consumers globally.
The breach reportedly impacted the personal data of ‘millions’ of Santander customers and employees, with the cybercriminal gang allegedly acquiring data from 560 million individuals, including 30 million Santander customers. A statement from Santander revealed that the unauthorized access occurred through a third-party provider’s database, according to The Mirror. However, the bank quickly implemented measures to contain the incident and clarified that no transactional data or credentials essential for account transactions, such as online banking details and passwords, were compromised.
The investigation conducted by Santander confirmed that the breach affected its operations in Chile, Spain, and Uruguay, while customer data in the UK and other markets remained unaffected. Santander, which employs over 200,000 people globally, including 20,000 in the UK, has been proactive in contacting affected customers and employees directly. The bank emphasized that its banking systems remain secure, and customers can continue to transact safely.
Reports indicate that ShinyHunters allegedly demanded a ransom of around £400,000 to prevent the sale of the stolen data on the dark web. Furthermore, they reportedly offered Santander the opportunity to purchase the stolen data for $2 million (£1.6 million). HackManac, an expert in cybersecurity, mentioned that around 28 million credit card numbers and six million account numbers and balances are available for sale in the exfiltrated database. However, Santander has not commented on the accuracy of these claims.
This incident highlights the persistent threat of cyber attacks and underscores the necessity of robust cybersecurity measures. Santander’s proactive communication aims to mitigate concerns and reassure customers and employees about the security of their banking transactions. Despite the breach, the bank has reiterated that their operational systems are unaffected, ensuring that customers can continue to transact securely.
Additionally, the breach follows a similar cyber attack on Ticketmaster, for which ShinyHunters also claimed responsibility. The group has previously targeted other high-profile organizations such as AT&T. Experts have advised caution, suggesting that the Ticketmaster auction could be a ploy to draw attention to a new hacker site replacing one shut down by the police. The BBC reported that the database breach was housed by a third-party provider, making it more challenging to secure sensitive information effectively.
Santander’s recent experience serves as a stark reminder of the growing danger posed by cybercriminals and the importance of sustaining stringent cybersecurity protocols to protect sensitive data from falling into the wrong hands.
News Sources
Assisted by GAI and LLM Technologies
Source: HaystackID with permission from ComplexDiscovery OÜ
