ShinyHunters is offering data of 30 million clients from Santander
May 31, 2024
ShinyHunters, a threat actor, alleges a breach in Santander’s security and is making available for purchase banking data, inclusive of details for 30 million customers.
An infamous actor known as ShinyHunters is advertising a massive collection of allegedly stolen data from the Santander Bank. ShinyHunters asserts to have acquired information for 30 million customers, staff, and bank records.
In the middle of May, the Spanish banking giant Santander reported a data breach tied to a third-party organization which impacted customers in Chile, Spain, and Uruguay. The bank detected unauthorized entry into one of its databases managed by a third-party entity.
The institution revealed that it promptly took actions to restrict the incident. The bank shut down the unauthorized access to the database and introduced additional measures to prevent fraud and safeguard the impacted customers.
“We have recently uncovered an instance of unauthorized access to a Santander database managed by a third-party entity.” states the communication published by the bank. “Following an in-depth investigation, it has been confirmed that certain information concerning customers of Santander in Chile, Spain, and Uruguay, in addition to all present and certain former employees of the Santander group, have been accessed. The data of clients in all other Santander markets and divisions remain unaffected.”
The impacted database contained details of current and certain former staff members.
The bank clarified that the database did not include transaction records, internet banking specifics, passwords, or any other information allowing individuals to carry out transactions.
“The database does not contain any transactional data or credentials that could be used to conduct transactions on accounts, including internet banking specifics and passwords. The operations and systems of the bank are secure, enabling clients to proceed with transactions confidently.” the statement further reads.
The financial entity has not shared technical specifics on the incident or the nature of the exposed data. The number of people affected remains unclear.
ShinyHunters currently manages BreachForums, the illegal cyber forum that returned to operation two weeks following a law enforcement crackdown that seized its structure.
ShinyHunters declared responsibility for the breach at Ticketmaster and placed on the market 1.3 TB of data, encompassing comprehensive records of 560 million customers, priced at $500,000. The pilfered records encompass names, email addresses, physical addresses, contact numbers, ticket transactions, and order specifics.
On the 30th of May 2024, ShinyHunters released a notice entitled: “Santander Bank Data – Spain, Chile, Uruguay – Customers, CC, Bank, more” specifying that the affected countries are Spain, Chile, and Uruguay.
Data includes
- Information on 30 million customers
- Approximately 6 million account numbers and balances
- Details of 28 million credit card numbers
- Lists of HR staff
- Details on citizenship for consumers
The asking price for the data is $2M for a one-time sale.
The seller also cordially extends an invitation to Santander to purchase the data.
For the latest updates, follow on Twitter: @securityaffairs or on Facebook and Mastodon
(SecurityAffairs – hacking, ShinyHunters)
About Author
