InfoSecBulletin Cybersecurity for mankind
Interbank, a major financial institution in Peru, has confirmed a data breach after a hacker leaked stolen data online. Formerly the International Bank of Peru, the company offers financial services to over 2 million customers.
“To our clients: We regret this situation and understand the inconvenience this may cause you. We have identified that some data of a group of clients has been exposed by a third party without our authorization. In this situation, we immediately deploy additional security measures to protect our clients’ operations and information. We want to give you peace of mind that Interbank guarantees the security of your deposits and all its financial products. Most of our channels are operating. As soon as we finish the review exhaustively, we will restore operation on the rest of our channels. Interbank,” Interbank said.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
Customers have reported issues with the bank’s mobile app and online platforms, including a separate outage two weeks ago. Interbank states that most operations are now restored and clients’ deposits are safe.
“We want to assure our clients that Interbank guarantees the security of your deposits and all your financial products. Most of our channels are operating. As soon as we complete the exhaustive review, we will reestablish operations in the rest of our channels,” Interbank added.
The bank hasn’t revealed how many customers had their data stolen in the breach. However, a threat actor known as “kzoldyck” is reportedly selling data claimed to be from Interbank on various hacking forums.
The threat actor claims to have stolen sensitive information from Interbank customers, including full names, account IDs, birth dates, addresses, phone numbers, email addresses, IP addresses, credit card numbers, CVV codes, expiry dates, bank transaction details, and plaintext credentials.
The threat actor claimed, “More than 3 million customers’ info and in addition to the data I have uploaded here, I also have clear usernames and password information for customers, which allows access to bank accounts from Peru IP block (Restricted to biometric photo validation for some of them),” .
“For now, I am uploading a part containing information on over 3 million customers. Total data more than 3.7 TB. I obtained lot of internal API credentials, LDAP, Azure credentials and so on.”
They claimed in a thread, where some stolen data was shared, that negotiations with Interbank’s management started two weeks ago. However, the extortion attempt failed because the bank chose not to pay.
Bleeping computer reported Interbank spokesperson was not immediately available to reached out for more details regarding the breach.
