The global financial sector was rocked by news of a cyber attack on Santander Bank, a key player in the industry. The notorious hacking group SHINYHUNTERS claimed responsibility for the breach, in which personal information of more than 30 million customers was compromised and put up for sale for a staggering $2 million.
Santander Bank, headquartered in Spain with a widespread network of 8518 branches worldwide, acknowledged the security breach. The leaked data primarily affected customers in Spain, Chile, and Uruguay, along with some bank employees. The bank attributed the breach to a third-party contractor, as stated in their official announcement.
Notorious for their large-scale cyber attacks, SHINYHUNTERS recently admitted to hacking the American company Ticketmaster, where user records totaling 560 million were stolen, including payment card information. The group also operates Breachforums, a well-known platform for cybercriminals, despite the FBI’s efforts to shut it down. In response, hackers have launched an alternative forum called Breach Nation, managed by a hacker known as Usdod.
SHINYHUNTERS listed various data sets for sale in connection with the Santander Bank hack, including 30 million customer entries, 28 million full credit card numbers with verification data and validity periods (excluding CVV), 6 million account numbers and balances, HR employee lists, and other sensitive information.
The availability of such vast amounts of sensitive financial data raises grave concerns about potential data theft, fraud, and other unlawful activities. This incident underscores the ongoing threats faced by financial institutions and their customers.
In response to the cyber attack, Santander Bank has taken steps to mitigate the impact of the breach. Customers are advised to closely monitor their accounts for any suspicious activity, implement two-factor authentication, and regularly update their passwords to reduce the risk of further exploitation of their data by cybercriminals.