Santander data breach: 30m account and credit card details up for sale on dark web
According to reports, Santander customer and staff data has been put up for sale on the dark web.
The details relate to the data leak reported earlier in May. Data leaked included HR details for staff, 30m customers’ bank account details, and 28m credit card numbers.
The bank, which is the eurozone’s second-largest lender, has around 210,000 staff worldwide, according to its latest quarterly report.
On 14 May Santander acknowledged the data breach had taken place, saying in a statement it “recently became aware of an unauthorized access to a Santander database hosted by a third-party provider.”
“We immediately implemented measures to contain the incident, including blocking the compromised access to the database and establishing additional fraud prevention controls to protect affected customers.”
The details leaked were limited to the group’s customers in Chile, Spain and Uruguay. However, the employee data leak appeared to have been more widespread. The group said data of “current and some former Santander employees of the group had been accessed.”
A group called Shinyhunters posted an advert claiming to have the data.
Santander declined to comment on the claim that the information is being put up for sale when approached by City A.M.
The statement on 14 May said: “No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords. The bank’s operations and systems are not affected, so customers can continue to transact securely.”
“We apologise for the concern this will understandably cause and are proactively contacting affected customers and employees directly. We have also notified regulators and law enforcement and will continue to work closely with them.”
What should you do?
Following the data breach and reports the details have been put up for sale on the dark web, experts were eager to analyse its impact.
Vonny Gamot, Head of EMEA at online protection company McAfee, said there were a number of things people could do to protect themselves, including watching out for phishing scams and the increased use of AI.
“Strong and unique passwords are a must, which means never reusing a password for multiple accounts, apps and platforms. Using a password manager will help you keep on top of it all.
“While a strong and unique password is a good first line of defence, enabling two-factor authentication across your accounts will help provide an extra layer of protection.
“Recent advances in AI have helped make scams more convincing, removing the traditional hallmarks like misspelled words and bad grammar. However, one crucial tell-tale sign remains – a pressure to act, fast.
“Regularly monitor your accounts for any unfamiliar or unauthorised activity, such as attempted logins, messages sent from your account or transactions you didn’t make. If there is something suspicious, report it immediately.
“And keep an eye out for an influx of phishing attacks and scams, which is common following a high-profile data breach such as this.
“It could be an email or a text message directing you to a fake site designed to steal your personal info – either by tricking you into providing it or by stealing it without your knowledge.
“It’s always wise to keep a sceptical eye open with any requests for money or info. But if you’re ever in doubt over the legitimacy of an email or link, don’t engage with it and go directly to the source.”