In a recent development, hackers purportedly affiliated with the ShinyHunters group are attempting to sell what they allege are the bank account details of 30 million Santander customers for $2 million. This revelation follows Santander’s confirmation earlier this month of a data breach at a third-party provider, which compromised some client and employee data.
The hackers’ post on a hacking forum advertises a trove of data, including 28 million credit card numbers, six million account numbers and balances, and HR information on 200,000 Santander staffers. Despite the bold offer, cybersecurity experts advise caution, suggesting that the recent claim may be a tactic to garner attention, citing a similar incident involving TicketMaster.
Earlier this week, the ShinyHunters group also claimed responsibility for an attack on TicketMaster and has previously targeted telecommunications giant AT&T.
In response to the breach, Santander clarified that the accessed database, hosted by a third party, affected operations in Spain, Chile, and Uruguay. However, the bank assured customers that no transactional data or credentials allowing transactions were compromised. Santander emphasized that its operations and systems remained unaffected, ensuring customers could continue to transact securely.