Santander has apologised for what it says is “the concern this will understandably cause” adding it is “proactively contacting affected customers and employees directly
Around ’30 million’ Santander customers are believed to have had their bank data stolen by hackers.
According to reports, the hack was conducted by the same gang which this week claimed to have hacked Ticketmaster and stolen details of around 560 million customers. Santander employs around 200,000 people worldwide and around 20,000 in the UK.
In a statement posted by the high street bank this month, Santander said it had recently “become aware” of unauthorized access to a Santander database hosted by a third-party provider. The bank said it had immediately “implemented measures to contain the incident”. However, following an investigation, it confirmed that information relating to customers in Chile, Spain, and Uruguay had been accessed. It confirmed that data from “all” other Santander markets and businesses had not been affected.
It added: “No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords.” Santander has not confirmed what specific banking data had been accessed. It said its banking systems were also unaffected so customers could continue to “transact securely.”
Santander said: “We apologise for the concern this will understandably cause and are proactively contacting affected customers and employees directly. We have also notified regulators and law enforcement and will continue to work closely with them.”
According to reports by the BBC, a post was made to a hacking forum and a group called “ShinyHunters” took responsibility for the hack. In the post, it claimed to have collected bank account details from 30million people. This included six million account numbers and balances, 28 million credit card numbers, and HR information for staff. Santander has not commented on the accuracy of those claims.
The hacking group has previously sold data confirmed to have been stolen from US telecoms firm AT&T. The gang is also selling what it says is a huge amount of private data from Ticketmaster. However, experts have said the claims should be treated with caution. This is because the group’s hacking forum has recently been taken down by police, and the Ticketmaster hack, is believed to have been a publicity stunt to draw attention to their new one.