Some Santander customers may have had their data stolen following a supply chain attack targeting one of the bank's third-party suppliers.
The company confirmed the news in a breach notification letter to customers, noting: “We recently became aware of unauthorized access to a Santander database hosted by a third-party provider.”
“We immediately implemented measures to contain the incident, including blocking compromised access to the database and establishing additional fraud prevention controls to protect affected customers.”
Baphomet arrested
The subsequent investigation of the incident revealed that the victims are clients of Santander Chile, Spain and Uruguay. Unfortunately, the localized Twitter accounts (Spain and Chile) do not have warnings or information about violations. Chile's website, however, displays a warning.
Some of the stolen data belongs to some current and former employees. “Customer data in the rest of Santander's markets and businesses are not affected,” the company confirmed.
Santander has a presence in many countries around the world, including the United Kingdom, the United States and Mexico, with more than 140 million customers in total.
The company did not explain who the threat actors were, what they were trying to achieve, or what type of data they stole. It did say that transactional data, user credentials and any other information that would enable financial transactions was not found in the compromised database and is therefore safe.
“The bank's operations and systems are not affected, so customers can continue to make transactions safely,” he concluded.
The breach notification letter concludes with a mandatory apology for the inconvenience caused and a confirmation that affected persons would be notified in due time. “We have also notified regulators and authorities and will continue to work closely with them,” Santander said.
Via BleepingComputer
