You might want to check your bank statements. A cybercriminal just claimed a big score against a global bank.
They say they stole thousands of customer records. And now, that data is reportedly up for sale.
Details of the purported data breach
A hacker using the alias “BreachParty” claimed they broke into Banco Santander’s internal network. The bank is one of the largest financial organizations in the world. It has operations across Europe, the Americas, and Asia.
The threat actor posted Santander’s name on their data leak site, claiming they’ve stolen 10,000 private records. Now, they’re trying to sell that data on the dark web.
The hacker is saying this loot has some seriously sensitive stuff in it. According to reports, the hacker also seized phone numbers and international bank account numbers (IBANs).
On its part, Banco Santander has yet to make any public comment regarding these allegations and has neither confirmed nor denied the alleged intrusion.
A repeat security incident
Santander’s been down this road before with previous data troubles. Just last year, some other hackers got into their system through a database managed by another company.
The bank confirmed that incident at the time. It affected customers in Chile, Spain, and Uruguay. Data from all current and some former employees was also accessed.
Santander assured customers that no transactional data was compromised. The database did not contain online banking details or account passwords. What that means is that the information that was stolen cannot be used to buy anything online without permission.
The infamous ShinyHunters group claimed they were behind the hack. They made much larger claims about the data they stole. The group alleged they had information on 30 million customers and millions of credit card numbers.
The dark web’s data black market
So, where does stolen info end up after it’s sold online? It becomes a commodity in a bustling criminal marketplace. The information is traded for profit on the dark web and in private forums. Navigating these hidden corners (even for research), carries inherent risks, which is why security experts strongly advise using one of the best VPNs for the dark web to add a critical layer of anonymity.
Hackers who steal data rarely use it themselves. To them, it is just a valuable asset. They aim to sell it as quickly as possible. Data is most valuable when it is fresh and usable.
This stolen information often ends up in a few key places. A lot of it goes to secret dark web markets. These sites let buyers and sellers stay anonymous.
Encrypted messaging apps such as Telegram are also pretty common places to see it pop up. Criminals create private channels to trade data. Heavily moderated, invite-only forums on the normal web are used too.
The data sold can be used for many crimes. Buyers may use payment card details for fraudulent purchases. They use personal documents to commit identity theft. Site credentials help them launch phishing attacks.
Once your data is out there, the risk of fraud follows. If you happen to be a Santander customer, act now to secure your accounts: change your passwords immediately, report any suspicious activity to the authorities, and monitor your statements closely.
As a fundamental layer of protection for all your future online banking, using a robust VPN is one of the smartest steps you can take. It encrypts your connection, making it much harder for criminals to snoop on your financial activity. We’ve tested and compiled a list of the best VPNs specifically for online banking to help you choose with confidence.
