InfoSecBulletin Cybersecurity for mankind
Interbank, a major financial institution in Peru, has confirmed a data breach after a hacker leaked stolen data online. Formerly the International Bank of Peru, the company offers financial services to over 2 million customers.
“To our clients: We regret this situation and understand the inconvenience this may cause you. We have identified that some data of a group of clients has been exposed by a third party without our authorization. In this situation, we immediately deploy additional security measures to protect our clients’ operations and information. We want to give you peace of mind that Interbank guarantees the security of your deposits and all its financial products. Most of our channels are operating. As soon as we finish the review exhaustively, we will restore operation on the rest of our channels. Interbank,” Interbank said.
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
UAP hosted “UAP Cyber Siege 2025”, A national level cybersecurity competition
Customers have reported issues with the bank’s mobile app and online platforms, including a separate outage two weeks ago. Interbank states that most operations are now restored and clients’ deposits are safe.
“We want to assure our clients that Interbank guarantees the security of your deposits and all your financial products. Most of our channels are operating. As soon as we complete the exhaustive review, we will reestablish operations in the rest of our channels,” Interbank added.
The bank hasn’t revealed how many customers had their data stolen in the breach. However, a threat actor known as “kzoldyck” is reportedly selling data claimed to be from Interbank on various hacking forums.
The threat actor claims to have stolen sensitive information from Interbank customers, including full names, account IDs, birth dates, addresses, phone numbers, email addresses, IP addresses, credit card numbers, CVV codes, expiry dates, bank transaction details, and plaintext credentials.
The threat actor claimed, “More than 3 million customers’ info and in addition to the data I have uploaded here, I also have clear usernames and password information for customers, which allows access to bank accounts from Peru IP block (Restricted to biometric photo validation for some of them),” .
“For now, I am uploading a part containing information on over 3 million customers. Total data more than 3.7 TB. I obtained lot of internal API credentials, LDAP, Azure credentials and so on.”
They claimed in a thread, where some stolen data was shared, that negotiations with Interbank’s management started two weeks ago. However, the extortion attempt failed because the bank chose not to pay.
Bleeping computer reported Interbank spokesperson was not immediately available to reached out for more details regarding the breach.
