Santander, one of the largest banks in the eurozone, confirmed that an unauthorized party had gained access to a database containing customer and employee information.
The Banco Santander data breach is stated to stem from the database of a third-party provider and limited to the only some of the bank’s customers in specific regions where it operated, as well as some of its current and former employees. However, the bank’s own operations and systems are reportedly unaffected.
Banco Santander is a banking services provider founded on March 21, 1857 and headquartered in Madrid, Spain. The provider operates across Europe, North America, and South America. It’s services include global payments services, online bank and digital assets.
Customer and Employee Data Compromised in Santander Data Breach
The bank reported that upon becoming aware of the data breach, it had immediately implemented measures to contain the incident, such as blocking access to its database from the compromised source as well as establishing additional fraud prevention mechanisms to protect impacted customers and affected parties.
After conducting an investigation, the bank had determined that the leaked information stemmed from a thid-party database and consisted of details of customers from Santander Chile, Spain and Uruguay regions along with some data on some current and former Santander employees.
Despite the third-party database breach, customer data from Santander markets and businesses operating in different regions were not affected.
The bank apologized for the incident and acknowledged concerns arising from the data breach, taking action to directly notify the affected customers and employees. The security team also informed regulators and law enforcement of the incident details, stating that the bank would continue to work with them during the investigation.
Santander assured its customers that no transactional data, nor transaction-facilitating credentials such as banking details and passwords were contained in the database. The statement reported that neither the bank’s operations nor systems were affected, and that customers could continue with secure transaction operations.
Along with the official statement in response to the data breach, the bank had provided additional advice on its site on dealing with the data breach:
- Santander will never ask you for codes, OTPs or passwords.
- Always verify information your receive and contact us through official bank channels.
- If you receive any suspicious message, email or SMS report it to your bank directly or by contacting [email protected].
- Never access your online banking via links from suspicious emails or unsolicited emails.
- Never ignore security notifications or alerts from Santander related to your accounts.
Financial and Banking Sector Hit By Data Breaches
Increased cyber threats or third-party database exposure as in the Santander data breach pose serious concerns for stability within the financial and banking. The International Monetary Fund noted in a blog post last months that these incidents could erode confidence in the financial system, disrupt critical services, or cause spillovers to other institutions.
In March, the European Central Bank instructed banks within the European region to implement stronger measures in anticipation of cyber attacks. Earlier, the body had stated that it would conduct a resilience stest on at least 109 of its directly supervised banks in 2024.
The initiatives come as part of broader concern about the security of European banks. Last year, data from the Deutsche Bank AG, Commerzbank AG and ING Groep NV were compromised after the CL0P ransomware group had exploited a security vulnerability in the MOVEit file transfer tool.
The European Central Bank’s site states that its banking supervisors rely on the stress tests to gather information on and assess how well the banks would able to cope, respond to and recover from a cyberattack, rather than just their ability to prevent attacks.
The response and recovery assessments are described to include the activation of emergency procedures and contingency plans as well as the restoration of usual operations. The site states that these test results would then be used to aid supervisors in identifying weaknesses to be discussed in dialogue with the banks.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.