Mexican Bank Hack Led To A Cash Flight

Several Mexican banks experienced large cash withdrawals in recent weeks after possible cyber attackers infiltrated some financial institutions, triggering unauthorised money transfers, the central bank said in an interview.

Banco de Mexico has zeroed in on five financial institutions whose external connection to the central bank’s electronic payment system was compromised, Lorenza Martinez, the central bank’s head of operations said. The vulnerability let money be illegally siphoned from “fake accounts” at those firms and led to several large cash withdrawals from other banks, she said.

The five banks and brokers are working with Mexico’s attorney general to determine whether organised criminals helped orchestrate a possible attack, but Banxico is not involved in those investigations, Martinez said. 

She declined to name the affected companies and said it’s too early to tell how many actors are behind the incidents. A representative for the attorney general didn’t immediately comment to a request made outside of normal business hours.
Recently the monetary authority asked some lenders to connect to its payment transfer network using a back-up scheme after a suspected cyber-attack disrupted some transfers. The measures have caused slowness in transfers for many consumers.

Now, more than 20 Mexican financial institutions have enacted back-up plans.

Clients at Citibanamex have reported that the lender’s ATM networks, credit and debit cards payments and online banking services are down, El Financiero reported Sunday. Citibanamex said in a statement to El Financiero that it’s working to restore services.

Grupo Financiero Banorte, Banco del Bajio SA and Banco del Ejercito were banks that had been directly targeted in the suspected cyber-attack. 

The payment system, known as the SPEI, was established in 2004 and lets users electronically transfer money between deposit accounts through a private, encrypted network operated by Mexico’s central bank.

While vulnerabilities were discovered at the end of April 2018, at least one bank experienced an incident as recently as early May, Martinez said. Some of the cash was withdrawn from accounts that had just recently been opened, she said.

The central bank is also probing whether the affected banks and brokerages were complying with security regulations and will ask banks to undergo more frequent stress tests in the future to ensure they can more quickly connect to the SPEI through its back-up network the next time there’s an attack.

Information-Management:

You Might Also Read:

Russian Hackers Steal $10M From Banks:

SWIFT Says Bank Cyber Attacks Are Here to Stay:

 

« Is The US Heading Toward A Cashless Economy Via Blockchain?
A Cyber Attack Could Cripple The UK »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Bericon Forensics

Bericon Forensics

Bericon is one of the longest established forensic science consultancies in the UK. Activities include computer and mobile phone forensics.

First Response

First Response

First Response is a Cyber Incident Response and Digital Forensic Investigation company.

ACI Solutions

ACI Solutions

ACI Solutions is a managed IT services and network security provider working with diverse global commercial, government and public sector clients.

Stealthbits Technologies

Stealthbits Technologies

Stealthbits Technologies is a cybersecurity software company focused on protecting an organization's sensitive data and the credentials attackers use to steal that data.

Trusona

Trusona

Trusona is a pioneer and leader in passwordless two-factor authentication (2FA).

Elron Ventures

Elron Ventures

Elron partner with early stage ventures to build companies that transform lives and industries. Our main areas of focus are enterprise software, cybersecurity, and healthcare.

Corsha

Corsha

Corsha is on a mission to simplify API security and allow enterprises to embrace modernization, complex deployments, and hybrid environments with confidence.

Tetrate.io

Tetrate.io

Tetrate Service Bridge provides enterprises with a consistent, unified way to connect and secure services across an entire mesh-managed environment.

Alias

Alias

Alias (formerly Alias Forensics) provide penetration testing, vulnerability assessments, incident response and security consulting services.

HackEDU

HackEDU

HackEDU provides secure coding training to companies ranging from startups to the Fortune 500.

Airiam

Airiam

Airiam provides cybersecurity, managed IT, consulting, incident response, and digital transformation services so you can focus on what matters most.

CampusGuard

CampusGuard

CampusGuard focuses on the cybersecurity and compliance needs of campus-based organizations including higher education, healthcare, and state and local government.

Exiger

Exiger

Exiger is revolutionizing the way corporations, government agencies and banks navigate risk and compliance in their third-parties, supply chains and customers.

Calamu

Calamu

Calamu is a software-defined storage security and resiliency platform that keeps your data secure and accessible wherever you choose to store it.

AccessIT Group

AccessIT Group

AccessIT Group is a specialized cybersecurity solutions provider offering a full range of advanced security services.

SecureFlag

SecureFlag

SecureFlag is dedicated to enhancing secure coding across all technical profiles within the Software Development Lifecycle.