- Dark Web Informer says millions of customer details are up for sale
Millions of bank account details could be at risk of being sold to online criminals after Santander became the target of a cyber attack by hacker group ShinyHunters.
Last month’s hack, which preceded a similar attack on Ticketmaster, has led to the compromise of data relating to all of the European lender’s 210,000 staff, as well as millions of its customers.
Now researchers at Dark Web Informer have warned ShinyHunters are advertising that data for sale on the dark web.
The data for sale, according to Dark Web Informer, includes bank account details of 30 million people, six million account numbers and balances, 28 million credit card numbers and information on human resources staff.
The researchers also claim that ShinyHunters are selling access to Santander’s database for $2m (£1.6m) to a ‘one-off’ buyer – even noting that Santander is also ‘very welcome’ to buy the data himself.
Whose data could be at risk?
The bank has yet to comment on the accuracy of these claims, but on May 14 admitted it was ‘aware of an unauthorized access to a Santander database hosted by a third-party provider’.
Santander said it had “immediately implemented measures to contain the incident, including blocking access to the compromised database and putting additional fraud prevention controls in place to protect affected customers”.
The bank’s investigation found that ‘certain information’ about Santander’s Chilean, Spanish and Uruguayan customers had been accessed.
Meanwhile ‘all current staff’, around 20,000 of whom are in the UK, and ‘some’ former employees are affected.
I’m a Santander UK customer, or current or former employee – do I need to take any action?
Santander assured customers that the affected database contained “no transaction data, nor any credentials that would allow account transactions to be carried out…including online banking details and passwords”.
He added: “The bank’s operations and systems are not affected, so customers can continue to transact securely
“We have also notified regulators and law enforcement and will continue to work closely with them.
The bank apologized for any inconvenience this may have caused and said it would ‘proactively’ contact affected customers and employees directly.
While this may apply to current and former staff, no UK customers are affected.
The growing risk of cyber hacking
Click here to resize this module
The Santander cyber hack is another demonstration of the growing threat posed by cybercriminals to both businesses and consumers.
Reports last week suggested that ShinyHunters are seeking a £400,000 reward from Ticketmaster to prevent its data being sold on the dark web – although the online ticket seller did not publicly admit the breach.
Recent UK corporate targets of cyber attacks include veterinary group CVS in April, legal IT firm provider CTS in November and outsourcing giant Capita in late 2023.
Susannah Streeter, head of money and markets at Hargreaves Lansdown, said: “Although [Santander’s] UK customer details were not accessed in this breach, it has highlighted the reputational damage that companies can suffer through such attacks.
“Millions of bank account details were accessed – although passwords and other credentials were not in the breached database.
‘Santander has moved to reassure customers that transactions are secure, to try to limit the fallout.
“However, for financial institutions, even minor breaches can significantly erode customer confidence, which is a risk in the competitive banking arena.”
Some links in this article may be affiliate links. If you click on them, we may earn a small commission. This helps us fund This Is Money and keep it free to use. We do not write articles to promote products. We do not allow any commercial relationship to affect our editorial independence.