Shiny Hunters Attack Santander Bank

Uploaded on 2024-06-03 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The criminal hacking group ShinyHunters claim they have stolen information including bank and credit card numbers, as well as staff HR details. The stolen information is from 30 million customers, employees, and includes bank account data.The hackers belong to the same gang which apparently recently hacked Ticketmaster.   

The hackers are now trying to sell what they claim is confidential information belonging to millions of Santander’s employees and customers.

Santander, which employs 200k staff globally worldwide, has confirmed that the data has been stolen and some is now on the Dark Web for sale. The bank has apologised for what it says is "the concern this will understandably cause" adding it is "proactively contacting affected customers and employees directly."

"Following an investigation, we have now confirmed that certain information relating to customers of Santander Chile, Spain and Uruguay, as well as all current and some former Santander employees of the group had been accessed," it said in a recent statement. "No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords."
It said its banking systems were unaffected so customers could continue to "transact securely."

In a post on a hacking forum reported by researchers at Dark Web Informer, the group who call themselves ShinyHunters posted an advert saying they had data including:  

•    30 million people’s bank account details
•    6 million account numbers and balances
•    28 million credit card numbers
•    HR information for staff

The data, which includes hashed credit card numbers, the last four digits of credit cards, expiration dates, fraud details, customer names, addresses, emails, ticket and event information details, is now being sold on dark web with a new wave of credit card fraud to be expected.

ShinyHunters have previously been linked with data stolen from AT&T and the same criminal group is presently offering for sale the private data of what is claims are over 500 million Ticketmaster customers. 

According to reports, researchers at threat intelligence company Hudson Rock first posted that the Santander breach and the apparent Ticketmaster exploit are linked to a hack at the US cloud storage company Snowflake. These reports have been firmly challenged by Snowflake and the post has been withdrawn.  

Xavier Sheikrojan, Senior Risk Intelligence Manager at fraud protection platform Signifyd commented "... in the next few days, we are likely to see more companies hit by the cyber attack... The repercussions could last for months or even years, especially with the rise of sleeper accounts - accounts created using stolen details that initially make small, credible orders to avoid detection, only to escalate to larger abuses later...
 
"Businesses should stay vigilant and implement robust protective measures, such as monitoring for anomalies in behaviour from their existing users and customers. Sometimes hackers only need one set of matching employee's stolen credentials to get into the company's database, so a forced reset of passwords, using strong and unique passwords, and implementing two factor authentication can be great strategies. This not only protects the business but also safeguards loyal customers."

Signifyd are advising organisations at risk to ensure they are educated and aware of the latest data breach trends. Additionally, to proactively find ways to optimise your machine learning detection. "Balancing advanced technology with human oversight will be essential in addressing the fallout from this breach." Sheikrojan says. 

Santander   |   @DarkWebInformer     |   HudsonRock   |   BBC   |   Guardian   |    Finextra   |    CityAM   |   

Bleeping Computer   |   HelpNetSecurity   |   The Record   |   Snowflake  

Image: Ideogram

You Might Also Read: 

Defending Your Supply Chain From Cyber Threats:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 




 

« Email Encryption: What It Is & How It Works
A Single Attack Disabled Half A Million Routers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

EuroISPA

EuroISPA

EuroISPA is a pan European association of European Internet Services Providers Associations and the world’s largest association of ISPs.

European Organisation for Security (EOS)

European Organisation for Security (EOS)

EOS represents all domains of security solutions and services.providers including ICT information and communications technologies.

VisionWare

VisionWare

VisionWare provide consulting services and solutions in areas covering both physical and digital security.

SmartCyber

SmartCyber

SmartCyber is a company specializing in custom IT projects and Cybersecurity.

National Accreditation Agency of Ukraine (NAAU)

National Accreditation Agency of Ukraine (NAAU)

NAAU is the national accreditation body for Ukraine. The directory of members provides details of organisations offering certification services for ISO 27001.

British Blockchain Association (BBA)

British Blockchain Association (BBA)

British Blockchain Association (BBA) is a not-for-profit organisation that promotes evidence-based adoption of Blockchain and Distributed Ledger Technologies (DLT) across the public and private sector

Salient Law

Salient Law

Salient Law is a virtual law firm that specialises in advising providers and users of technology on contracts involving technology.

Sequoia Capital

Sequoia Capital

Sequoia Capital is a venture capital firm focused mainly on technology. We partner both with young companies finding their stride and established ones looking for growth.

Navixia

Navixia

As a leading Swiss IT security specialist, Navixia offers a global and pragmatic approach to information security.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

TekSek Cyber Security

TekSek Cyber Security

Preparing you for tomorrow's security threats.

Avancer Corporation

Avancer Corporation

Avancer Corporation is a multi-system integrator focusing on Identity and Access Management (IAM) Technology. Founded in 2004.

SolCyber

SolCyber

SolCyber, a Forgepoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are accessible and affordable for any organization.

N-able

N-able

N-Able deliver simple and sophisticated monitoring, security, and business solutions that empower you to solve your toughest IT challenges.

Sec3

Sec3

Sec3 is a security and research firm providing bespoke audits and cutting edge tools to Web3 projects.

ARC Risk and Compliance

ARC Risk and Compliance

ARC Risk and Compliance is a consulting company comprised of a team of AML Specialists completely focused on anti-money laundering compliance and the technologies used to support compliance programs.