A recent cybersecurity threat has emerged involving Sociedad de Ahorro y Crédito Constelación, a financial institution based in El Salvador. On April 4, 2024, a group identifying themselves as “ransomhub” issued a warning, indicating their possession of 497 gigabytes of data stolen from Constelación. This purported data breach encompasses personal information of the institution’s clients, raising concerns about potential privacy and security risks.
Constelación has acknowledged the cyber incident affecting its digital services but refutes claims that sensitive client information has been compromised. Despite this, “ransomhub” has threatened to release the stolen data on the deep web, citing failed negotiations with the company. A glimpse of the leaked information, including personal credit requests containing customer details like addresses and phone numbers, has been shared by the hackers.
Efforts to obtain further details from Constelación have been met with silence, leaving many questions unanswered regarding the extent and implications of the breach. This incident echoes a previous data breach in August 2023, where the personal data of millions of Salvadorans was traded on the deep web. With authorities yet to comment on these developments, vigilance and precautionary measures are paramount to safeguard against potential fallout from such breaches.
Reference:
