- author, Joe Teddy
- Role, Cyber reporter
-
The hackers are trying to sell what they say is confidential information belonging to millions of Santander employees and customers.
The bank – which employs 200,000 people worldwide, including about 20,000 people in the UK – confirmed that the data had been stolen.
Santander apologized for what it said was “the understandable concern this will cause”, adding that it was “proactively contacting customers and employees directly affected”.
“Following the investigation, we have now confirmed that some information relating to Santander clients Chile, Spain and Uruguay has been accessed, as well as all current employees and some former employees of the group,” she said in a statement. A statement published earlier this month.
“There is no transaction data, nor any credentials that would allow transactions to be made on the accounts in the database, including online banking details and passwords.”
It said its banking systems were not affected so customers could continue to transact “securely.”
In a post on a hacking forum — first discovered by researchers at Dark Web Informer — the group calling themselves ShinyHunters posted an ad saying they had data including…
- Bank account details of 30 million people
- 6 million account numbers and balances
- 28 million credit card numbers
- Human resources information for employees
Santander did not comment on the accuracy of those allegations.
ShinyHunters previously sold data confirmed to have been stolen from US telecommunications company AT&T.
The gang is also selling what it says is a huge amount of private data from Ticketmaster.
The Australian government says it is working with Ticketmaster to address this issue. The FBI also offered to help.
Some experts said ShinyHunters’ claims should be treated with caution, as they may just be a publicity stunt.
However, researchers at cybersecurity firm Hudson Rock claim that the Santander hack and the apparent Ticketmaster breach are linked to a major ongoing hack of a large cloud storage company called Snowflake.
Hudson Rock says it has spoken to the perpetrators of the alleged Snowflake hack – who claim they gained access to its internal system by stealing the login details of a Snowflake team member.
In a statement on Friday, Snowflake said it was aware of the “potential for unauthorized access” to a “limited number” of customer accounts.
It said it appeared the hackers used login information to access a demo account owned by a former Snowflake employee.
The company said that this account “does not contain sensitive data.”
“We have no evidence to suggest that this activity was due to any security vulnerability, misconfiguration, or breach of the Snowflake product,” she added.
“Amateur organizer. Wannabe beer evangelist. General web fan. Certified internet ninja. Avid reader.”
More Stories
Bitcoin Fees Near Yearly Low as Bitcoin Price Hits $70K
Court ruling worries developers eyeing older Florida condos: NPR
Why Ethereum and BNB Are Ready to Recover as Bullish Rallies Surge