Security & Fraud

UniCredit Uncovers Data Leak Of 3M Italian Customer Records

UniCredit Uncovers Data Leak Of 3M Records

UniCredit has revealed a data breach that leaked information belonging to three million customers from Italy, Reuters reported on Monday (Oct. 28).

The Italian bank indicated that a 2015 file containing customers’ names, addresses, emails and phone numbers was compromised.

The data leak did not include any financial information or the credentials required to access client accounts.

In the past three years, UniCredit has spent €2.4 billion ($2.7 billion) on cybersecurity enhancements.

When the breach was discovered last Thursday (Oct. 24), UniCredit reported it to authorities, a company spokesman told Reuters. The spokesman added that there is an ongoing internal investigation and that “no details could be disclosed on how the breach happened.”

The new data breach was reportedly not connected in any way to the cyberattacks in 2016 and 2017 that affected 400,000 Italian customers. Those attacks were caused by a third-party provider accessing Italian customer data without consent or authorization.

The Italian police are also investigating whether there were any crimes committed in connection with last week’s data breach.

Cyberthreats are increasingly playing out on a global stage. Director Samuel S. Visner of the National Cybersecurity Federally Funded Research and Development Center (FFRDC) said last month that cybersecurity threats to institutions and enterprises exist at several levels. As he noted, there is the possibility that an attack on a country’s financial system, especially in the U.S., would be a component of efforts to take down the power grid, the key infrastructure and the banking system. In the battle for cybersecurity, Visner said that adversaries are not “bulletproof super villains. They make mistakes. Their technology is not necessarily superior to the technology that anyone can get.”


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.