Banregio Data Breach: Mexican Financial Group Compromised


Dark web rumors indicate Banregio, a leading financial institution in Mexico, may have suffered a data breach. Allegedly, unauthorized access to the organization’s control panel initiated the incident, according to claims by an obscure threat actor. This unauthorized access reportedly resulted in the extraction of various project attachments, including data in HTML format and screenshots.

The Cyber Express has contacted Banregio to clarify the alleged breach. However, as of now, no official statement or response has been received. Consequently, the claims about the Banregio data breach remain unverified.

Additionally, Banregio’s website appears to be operational, showing no immediate signs of a cyberattack. It is speculated that the hacker responsible for the breach may have targeted the backend infrastructure rather than launching a direct attack on the front end of the website.

Alleged Banregio Data Breach Exposes Sensitive Information 

Source: X

The alleged breach was announced by the threat actor through a post that stated, “Yesterday at 10:19 PM, Banregio Access to the control panel was obtained by decision of malfunctions and errors, this followed the export of all projects attachments, namely, data in the HTML format with screenshots.”

“They have a lot of data for various admin panels, FTP access, server log files, etc. What to do with it? You can do a lot of things, for example, find the admin panels of their clients as well as databases and accesses. There is a lot of information and it’s up to you. #1”, added the threat actor.

This purported data breach comes at a time when Banregio is undergoing significant changes. Recently, Enrique Navarro, the Director of Finance and Planning at Regional, revealed plans for Hey Banco Institución de Banca Múltiple, a Mexican neobank, to become operationally independent from Banco Banregio by 2025.

Hey Banco is currently in the process of securing necessary operational authorizations from regulatory bodies such as the Comisión Nacional Bancaria de Valores and Banco de México. This includes permissions for services like SPEI and the incorporation of banking correspondents such as Oxxo or Farmacias del Ahorro.

Despite the challenges involved in migrating Hey’s customer base to the new entity, Navarro aims to complete the process by late 2024 or early 2025.

Cyberattack on Financial Institutions: A Growing Trend

The alleged Banregio data breach is not an isolated incident: threat actors have been targeting financial institutions for a long time. A recent example highlighting the vulnerability of banking institutions to cyber threats is the data breach suffered by Bank of America.

In November of last year, a vendor of Bank of America experienced a breach, compromising the personal data of 57,028 customers. The breach, linked to the LockBit ransomware group, occurred on November 3 and was reported to Bank of America on November 24. 

However, affected consumers were not notified until February 1, about 90 days post-discovery, potentially violating state notification laws. Those impacted were enrolled in Bank of America-sponsored deferred compensation plans, with compromised data possibly including names, addresses, business emails, birth dates, Social Security numbers, and other account details. 

As for the Banregio data breach, this is an ongoing story and The Cyber Express will be closely monitoring the situation. We’ll update this post once we have more information on the alleged breach or any official confirmation from the organization. 

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.


