All Santander staff and millions of customers have data hacked
All Santander staff and millions of customers have data hacked
Massive Data Breach at Santander Affects Millions
Widespread Data Compromise
Hackers have stolen confidential information from all Santander staff and approximately 30 million customers across Spain, Chile, and Uruguay, attempting to sell the data.
Gang Involvement
The responsible hacking group, known as ShinyHunters, is also linked to recent cyber-attacks on Ticketmaster and has previously targeted companies like AT&T.
Bank's Response
Santander has acknowledged the breach, assuring that no transactional data or credentials were compromised, and is contacting affected parties directly.
Potential Link to Snowflake
Cybersecurity experts suggest that the breach may be connected to a larger hack at cloud storage company Snowflake, indicating possible broader implications and more victims.
What specific customer and employee information was confirmed to have been accessed in the Santander hack?
In the Santander hack, the specific customer and employee information that was confirmed to have been accessed includes:
- Certain information relating to customers of Santander Chile, Spain, and Uruguay
- Information of all current and some former Santander employees of the group
However, Santander emphasized that no transactional data, nor any credentials that would allow transactions to take place on accounts, are contained in the database. This includes online banking details and passwords.
What assurances has Santander provided regarding the security of transactional data and online banking credentials?
Santander has assured its customers that no transactional data, nor any credentials that would allow transactions to take place on accounts, are contained in the breached database. This includes online banking details and passwords. The bank has stated that its operations and systems have not been affected, and customers can continue to transact securely. Santander has implemented measures to contain the incident, including blocking the compromised access to the database and establishing additional fraud prevention controls to protect affected customers.