Interbank, one of Peru’s prominent financial institutions, has confirmed a significant data breach after a threat actor infiltrated its systems and leaked sensitive customer information online. Known previously as the International Bank of Peru, Interbank serves over 2 million customers and has now reported that a portion of its client data has been exposed without authorization. The hacker, using the alias “kzoldyck,” claims to have stolen extensive data, including full names, account IDs, birth dates, addresses, phone numbers, and credit card details, among other sensitive information. In response to this breach, Interbank stated that it has implemented additional security measures to safeguard the operations and information of its clients.
Following the breach, many customers experienced disruptions with Interbank’s mobile app and online platforms, although the bank has reassured clients that most services are now operational and that their deposits remain secure. Interbank emphasized that while the investigation is ongoing, they are working diligently to restore functionality across all channels. The bank has pledged to conduct an exhaustive review of its systems to identify and rectify any vulnerabilities that may have contributed to this incident.
The leaked data is reportedly substantial, with the threat actor claiming to possess over 3.7 terabytes of information, including sensitive personal details and internal corporate credentials. This data breach raises significant concerns about the security measures employed by Interbank, as well as the potential risks faced by its customers. The threat actor has indicated that negotiations with Interbank’s management for a ransom began two weeks prior to the data leak, but these discussions were unsuccessful as the bank opted not to pay.
This incident underscores the growing threat of cybercrime within the financial sector, emphasizing the need for robust security protocols to protect sensitive customer data. As Interbank continues its investigation, it is crucial for customers to remain vigilant and monitor their accounts for any unauthorized activity. The breach serves as a stark reminder of the potential vulnerabilities that financial institutions face in an increasingly digital landscape, necessitating ongoing efforts to strengthen cybersecurity measures and protect client information.
Reference: