Shiny Hunters Attack Santander Bank

Uploaded on 2024-06-03 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The criminal hacking group ShinyHunters claim they have stolen information including bank and credit card numbers, as well as staff HR details. The stolen information is from 30 million customers, employees, and includes bank account data.The hackers belong to the same gang which apparently recently hacked Ticketmaster.   

The hackers are now trying to sell what they claim is confidential information belonging to millions of Santander’s employees and customers.

Santander, which employs 200k staff globally worldwide, has confirmed that the data has been stolen and some is now on the Dark Web for sale. The bank has apologised for what it says is "the concern this will understandably cause" adding it is "proactively contacting affected customers and employees directly."

"Following an investigation, we have now confirmed that certain information relating to customers of Santander Chile, Spain and Uruguay, as well as all current and some former Santander employees of the group had been accessed," it said in a recent statement. "No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords."
It said its banking systems were unaffected so customers could continue to "transact securely."

In a post on a hacking forum reported by researchers at Dark Web Informer, the group who call themselves ShinyHunters posted an advert saying they had data including:  

•    30 million people’s bank account details
•    6 million account numbers and balances
•    28 million credit card numbers
•    HR information for staff

The data, which includes hashed credit card numbers, the last four digits of credit cards, expiration dates, fraud details, customer names, addresses, emails, ticket and event information details, is now being sold on dark web with a new wave of credit card fraud to be expected.

ShinyHunters have previously been linked with data stolen from AT&T and the same criminal group is presently offering for sale the private data of what is claims are over 500 million Ticketmaster customers. 

According to reports, researchers at threat intelligence company Hudson Rock first posted that the Santander breach and the apparent Ticketmaster exploit are linked to a hack at the US cloud storage company Snowflake. These reports have been firmly challenged by Snowflake and the post has been withdrawn.  

Xavier Sheikrojan, Senior Risk Intelligence Manager at fraud protection platform Signifyd commented "... in the next few days, we are likely to see more companies hit by the cyber attack... The repercussions could last for months or even years, especially with the rise of sleeper accounts - accounts created using stolen details that initially make small, credible orders to avoid detection, only to escalate to larger abuses later...
 
"Businesses should stay vigilant and implement robust protective measures, such as monitoring for anomalies in behaviour from their existing users and customers. Sometimes hackers only need one set of matching employee's stolen credentials to get into the company's database, so a forced reset of passwords, using strong and unique passwords, and implementing two factor authentication can be great strategies. This not only protects the business but also safeguards loyal customers."

Signifyd are advising organisations at risk to ensure they are educated and aware of the latest data breach trends. Additionally, to proactively find ways to optimise your machine learning detection. "Balancing advanced technology with human oversight will be essential in addressing the fallout from this breach." Sheikrojan says. 

Santander   |   @DarkWebInformer     |   HudsonRock   |   BBC   |   Guardian   |    Finextra   |    CityAM   |   

Bleeping Computer   |   HelpNetSecurity   |   The Record   |   Snowflake  

Image: Ideogram

You Might Also Read: 

Defending Your Supply Chain From Cyber Threats:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 




 

« Email Encryption: What It Is & How It Works
A Single Attack Disabled Half A Million Routers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber adAPT

Cyber adAPT

Cyber adAPT offers a leading network threat detection platform (NTD) to the enterprise and ODM/OEM markets.

Venable

Venable

Venable is an American Lawyer 100 law firm with nine offices across the USA, Practice areas include Cybersecurity.

Equilibrium Security Services

Equilibrium Security Services

Equilibrium Security Services is a specialist cyber security company providing a full spectrum of IT security solutions from consultancy to design & implementation and managed security services.

Canadian Security Intelligence Service (CSIS)

Canadian Security Intelligence Service (CSIS)

CSIS collects and analyzes threat-related information concerning the security of Canada in areas including terrorism, espionage, WMD, cybersecurity and critical infrastructure protection.

Acalvio Technologies

Acalvio Technologies

Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter.

InstaSafe Technologies

InstaSafe Technologies

InstaSafe®, a Software Defined Perimeter based (SDP) one-stop Secure Access Solution for On-Premise and Cloud Applications.

SEON Technologies

SEON Technologies

At SEON we strive to help online businesses reduce the costs, time, and challenges faced due to fraud.

BI.ZONE

BI.ZONE

BI.ZONE creates high-tech products and solutions to protect IT infrastructures and applications, and provides services from cyber intelligence and proactive defence to cybercrime investigation.

ClubCISO

ClubCISO

ClubCISO is a community of peers, working together to help shape the future of the information security profession by facilitating independent discussion on data security and cyber resilience.

Cybots

Cybots

Cybots is a multinational cyber defence brand founded in Singapore in 2018 to help organizations stay ahead of increasingly sophisticated threats from cyber criminals.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

Easy Dynamics

Easy Dynamics

Easy Dynamics is a leading technology services provider with a core focus in Cybersecurity, Cloud Computing, and Information Sharing.

eCapital

eCapital

eCAPITAL is a leading venture capital firm that provides early to growth stage funding to technology companies in fields including software & information technology, cybersecurity and industry 4.0.

Data Pie Cybersecurity

Data Pie Cybersecurity

The Data Pie Cybersecurity Consulting offers a 360° around protection for your IT security. Security awareness solutions and consulting.

Acclaim Technical Services (ATS)

Acclaim Technical Services (ATS)

ATS provide operational products, services and solutions to the defense and intelligence communities for all types of critical mission needs.

FearsOff

FearsOff

FearsOff is a global information security company serving clients worldwide. White hat operators with a black hat mindset to emulate real world attacks and everchanging threat vectors.