Russia’s Sberbank has been the victim of a client data leak.
The country’s biggest lender revealed that it is investigating the potential leak, which could be the biggest in Russian history.
Analysts at cybersecurity firm DeviceLock found personal information of up to 60 million of the bank’s credit card holders for sale on the black market. The bank currently has around 18 million active credit card customers.
“This is the largest and most detailed banking database that has ever appeared on the black market,” DeviceLock Founder Ashot Oganesyan told the Moscow Times. “In the world ranking of bank leaks, this can be considered a large incident. For the Russian market, this is an absolute record, at least for the last 10 years.”
Russian newspaper Kommersant was also able to verify the database’s authenticity by asking the hacker to provide information on their reporters’ own credit cards, which was correct and up-to-date. The seller wants 5 roubles ($0.08) per entry.
Sberbank said it believes the leak was the work of an insider.
“At the moment, an internal investigation is being carried out and its results will be reported in the future. The most likely explanation of the incident is the deliberate criminal action of an employee, as external penetration into the database is impossible due to its isolation from the external network. The stolen information, in any case, does not threaten the safety of customer funds,” according to a statement.
This latest breach is another example of the cybersecurity issues Russian banks and corporations are dealing with daily.
“Nine million attacks a year, 30,000 a day — this is what the Rosseti group of companies deals with,” Pavel Livinskiy, the chief executive of Russian state-controlled electric grid company Rosseti, said, according to Reuters.
“Eighty percent of all successful attacks exploit human (rather than technical) vulnerabilities,” noting that Rosseti was spending about 2 billion roubles ($31 million) a year on cybersecurity.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More