InfoSecBulletin Cybersecurity for mankind
Interbank, a major financial institution in Peru, has confirmed a data breach after a hacker leaked stolen data online. Formerly the International Bank of Peru, the company offers financial services to over 2 million customers.
“To our clients: We regret this situation and understand the inconvenience this may cause you. We have identified that some data of a group of clients has been exposed by a third party without our authorization. In this situation, we immediately deploy additional security measures to protect our clients’ operations and information. We want to give you peace of mind that Interbank guarantees the security of your deposits and all its financial products. Most of our channels are operating. As soon as we finish the review exhaustively, we will restore operation on the rest of our channels. Interbank,” Interbank said.
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
Customers have reported issues with the bank’s mobile app and online platforms, including a separate outage two weeks ago. Interbank states that most operations are now restored and clients’ deposits are safe.
“We want to assure our clients that Interbank guarantees the security of your deposits and all your financial products. Most of our channels are operating. As soon as we complete the exhaustive review, we will reestablish operations in the rest of our channels,” Interbank added.
The bank hasn’t revealed how many customers had their data stolen in the breach. However, a threat actor known as “kzoldyck” is reportedly selling data claimed to be from Interbank on various hacking forums.
The threat actor claims to have stolen sensitive information from Interbank customers, including full names, account IDs, birth dates, addresses, phone numbers, email addresses, IP addresses, credit card numbers, CVV codes, expiry dates, bank transaction details, and plaintext credentials.
The threat actor claimed, “More than 3 million customers’ info and in addition to the data I have uploaded here, I also have clear usernames and password information for customers, which allows access to bank accounts from Peru IP block (Restricted to biometric photo validation for some of them),” .
“For now, I am uploading a part containing information on over 3 million customers. Total data more than 3.7 TB. I obtained lot of internal API credentials, LDAP, Azure credentials and so on.”
They claimed in a thread, where some stolen data was shared, that negotiations with Interbank’s management started two weeks ago. However, the extortion attempt failed because the bank chose not to pay.
Bleeping computer reported Interbank spokesperson was not immediately available to reached out for more details regarding the breach.
