Large Peruvian bank warns of data theft after dark web post emerges

Avatar

One of Peru’s largest banks apologized on Wednesday for a data breach that may expose information from up to 3 million customers. 

Interbank released multiple statements on Wednesday after dark web researchers discovered someone selling access to the sensitive financial and personal information stolen from the bank. 

After the post emerged, Interbank took some services offline, writing that it was working to fix things “as soon as possible.” Four hours later, a longer statement was released warning that some of the allegedly stolen data was legitimate. 

“We have identified that some data from a group of clients has been exposed by a third party without our authorization,” the bank said in social media posts. “In this situation we immediately deployed additional security measures to safeguard the operations and information of our customers.” 

Interbank said it wanted to provide guarantees that all deposits and financial products are currently safe. The company did not respond to requests for clarification about what services were taken offline. Some users reported issues with changing their password and other glitches in operating their online accounts. The statement said that after an investigation is finished, the downed operations will be restored.

Founded in 1897, Interbank is the fourth-largest financial institution in Peru, managing thousands of banks and ATMs countrywide. The company reported more than $1.5 billion in revenue last year. 

Several cybersecurity firms and researchers shared images of the dark web post and validated some of the stolen information — which includes names, phone numbers, National ID numbers, device information, IP address, location information and data on financial transactions. 

The hacker is selling 3.7 TB of data that also includes credit card date numbers, CVVs, and login information for user accounts at the bank. The dark web post includes claims that credentials for internal bank systems were also taken. 

In a lengthy message attached to the leaked data, the hacker claimed to have been in negotiations with Interbank for two weeks before the bank allegedly broke off the deal and “resorted to insults and swears.”

The incident has drawn headlines across Peru as government agencies and regulators stepped in to address customer concerns. Interbank sent emails to customers notifying them of the data theft.

The Cybercrime Prosecutor’s Office of Lima said it has issued several charges against the alleged hacker for the incident.

“In addition, [the prosecutor’s office] ordered the collection of statements of Interbank representatives and witnesses, the carrying out of virtual patrols, searches and identification on the web and other sites where data is offered, and more,” the prosecutors said according to a machine translation. 

The prosecutors also demanded Interbank submit a cybersecurity report about the incident as well as evidence that the vulnerabilities allowing the threat actor entry have been resolved. A banking regulator added that it too is monitoring the incident for potential legal violations. 

Financial institutions and governments across Latin America have faced an onslaught of digital attacks over the last two years from nation-state actors, ransomware groups and extortion gangs. Several countries have stepped up law enforcement operations against hackers in response to the attacks.

CybercrimeNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics

Next Post

FBI: Iranian cyber group targeted Summer Olympics with attack on French display provider

Related Posts

Gamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script Engines

Users searching for game cheats are being tricked into downloading a Lua-based malware that is capable of establishing persistence on infected systems and delivering additional payloads. "These attacks capitalize on the popularity of Lua gaming engine supplements within the student gamer community," Morphisec researcher Shmuel Uzan said in a new report published today, adding "this malware
Avatar
Read More

Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution

A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions. "A remote unauthenticated attacker can silently replace existing printers' (or install new ones) IPP urls with a malicious one, resulting in arbitrary command execution (on the computer) when a print
Avatar
Read More