Bank's data sold on the black market
Alfa-Bank's data sold on the black market
The data of Alfa-Bank credit cardholders, as well as Alfa Insurance customers, came up for sale in the Darknet. Hacker targeted 3500 Alfa-Bank and about 3000 Alfa Insurance customers. The ad was published on October 31, the seller registered there on the same day.
To verify the data, the seller suggested looking at 23 contracts. They contained the full name, passport data, mobile phone number, registration address, the amount of credit limit or issued insurance, the subject of insurance, as well as the date of the conclusion of the contract.
When the investigator tried to transfer money by phone number, in 11 of the 13 credit card contracts, the names and first letters of the surnames matched. Also, he phoned up nine customers, most of them confirmed that they had recently issued a credit card at Alfa Bank. Fraudsters have already managed to make a call to one of the clients, after which he blocked the card.
Alfa-Bank confirmed the leak. "At the moment, it is reliably known about the illegal distribution of personal data of 15 clients. The occurrence of this situation is not the result of a violation of the protection of the corporate information system of the Bank, " - said the representative of the Bank.
According to him, the leak does not pose a threat to customer accounts, as it does not have data to access them.
Indeed, the contracts do not contain card numbers and CVV-codes, so fraudsters will not be able to get direct access to the money. However, they can use the information to call a customer under the guise of a Bank and find out the necessary information to steal money.
Additionally, Alfa-Bank has introduced security measures and is investigating the publication of customer data.
The data of Alfa-Bank credit cardholders, as well as Alfa Insurance customers, came up for sale in the Darknet. Hacker targeted 3500 Alfa-Bank and about 3000 Alfa Insurance customers. The ad was published on October 31, the seller registered there on the same day.
To verify the data, the seller suggested looking at 23 contracts. They contained the full name, passport data, mobile phone number, registration address, the amount of credit limit or issued insurance, the subject of insurance, as well as the date of the conclusion of the contract.
When the investigator tried to transfer money by phone number, in 11 of the 13 credit card contracts, the names and first letters of the surnames matched. Also, he phoned up nine customers, most of them confirmed that they had recently issued a credit card at Alfa Bank. Fraudsters have already managed to make a call to one of the clients, after which he blocked the card.
Alfa-Bank confirmed the leak. "At the moment, it is reliably known about the illegal distribution of personal data of 15 clients. The occurrence of this situation is not the result of a violation of the protection of the corporate information system of the Bank, " - said the representative of the Bank.
According to him, the leak does not pose a threat to customer accounts, as it does not have data to access them.
Indeed, the contracts do not contain card numbers and CVV-codes, so fraudsters will not be able to get direct access to the money. However, they can use the information to call a customer under the guise of a Bank and find out the necessary information to steal money.
Additionally, Alfa-Bank has introduced security measures and is investigating the publication of customer data.
Comments
Post a Comment