Interbank, a major financial institution in Peru, has confirmed a data breach after a hacker leaked stolen data online. Formerly the International Bank of Peru, the company offers financial services to over 2 million customers.
“To our clients: We regret this situation and understand the inconvenience this may cause you. We have identified that some data of a group of clients has been exposed by a third party without our authorization. In this situation, we immediately deploy additional security measures to protect our clients’ operations and information. We want to give you peace of mind that Interbank guarantees the security of your deposits and all its financial products. Most of our channels are operating. As soon as we finish the review exhaustively, we will restore operation on the rest of our channels. Interbank,” Interbank said.
Customers have reported issues with the bank’s mobile app and online platforms, including a separate outage two weeks ago. Interbank states that most operations are now restored and clients’ deposits are safe.
“We want to assure our clients that Interbank guarantees the security of your deposits and all your financial products. Most of our channels are operating. As soon as we complete the exhaustive review, we will reestablish operations in the rest of our channels,” Interbank added.
The bank hasn’t revealed how many customers had their data stolen in the breach. However, a threat actor known as “kzoldyck” is reportedly selling data claimed to be from Interbank on various hacking forums.
The threat actor claims to have stolen sensitive information from Interbank customers, including full names, account IDs, birth dates, addresses, phone numbers, email addresses, IP addresses, credit card numbers, CVV codes, expiry dates, bank transaction details, and plaintext credentials.
The threat actor claimed, “More than 3 million customers’ info and in addition to the data I have uploaded here, I also have clear usernames and password information for customers, which allows access to bank accounts from Peru IP block (Restricted to biometric photo validation for some of them),” .
“For now, I am uploading a part containing information on over 3 million customers. Total data more than 3.7 TB. I obtained lot of internal API credentials, LDAP, Azure credentials and so on.”
They claimed in a thread, where some stolen data was shared, that negotiations with Interbank’s management started two weeks ago. However, the extortion attempt failed because the bank chose not to pay.
Bleeping computer reported Interbank spokesperson was not immediately available to reached out for more details regarding the breach.