October 30, 2024 at 06:25PM
Interbank, a major Peruvian bank, has reported a data breach involving the theft of sensitive information from over 3 million customers. A hacker is selling this data online, which includes account details and personal information. While some online services were disrupted, Interbank assures customers their deposits remain secure.
**Meeting Takeaways: Interbank Data Breach**
1. **Incident Confirmation**: Interbank has confirmed a data breach involving unauthorized access to its systems, resulting in the leak of customer data online by a hacker.
2. **Company Background**: Interbank, formerly known as Banco Internacional del PerĂº, serves over 2 million customers and provides various financial services.
3. **Data Exposure Statement**: The bank reported that certain client data was exposed, and they have implemented additional security measures to safeguard customer information and operations.
4. **Operational Status**: Despite earlier disruptions to its mobile app and online services, Interbank has restored most operations. Client deposits remain secure.
5. **Data Breach Details**:
– The threat actor, using the handle “kzoldyck,” is offering stolen data for sale on hacking forums.
– The stolen information includes full names, account IDs, birth dates, addresses, phone numbers, email addresses, IP addresses, credit card details, bank transaction data, and plaintext credentials.
– The hacker claims to have stolen information on over 3 million customers, totaling more than 3.7 TB of data, including sensitive internal credentials.
6. **Extortion Attempts**: The threat actor initiated negotiations with Interbank for extortion purposes, but the bank refused to pay, leading to the data being uploaded online.
7. **Lack of Information**: Interbank has not disclosed the exact number of affected customers or further details about the breach as of the latest updates.
8. **Awaiting Further Information**: An Interbank spokesperson was not available for additional comment or clarification regarding the breach at the time of the report.