Italy's largest bank, UniCredit, says accounts of some 400,000 customers in Italy have been hacked.
The bank said in a statement Wednesday that the hackers accessed only data related to personal loans, and that it was breached through an unidentified external third-party commercial partner.
Initial breaches occurred September and October of 2016 and had not previously been disclosed. They were followed by a more recent one in June and July. The bank said no passwords appear to have been jeopardised, but that personal data, including names and birthdates, along with IBAN numbers "might have been accessed." The UniCredit hack is one of the biggest breaches in Europe to-date, however it spoke to Daniele Tonella, the CEO of UniCredit Business Integrated Solutions, which handles the IT department of the bank who said:
Tonella told: "We don't know why this data was acquired," adding that it also did not know who was behind the attacks. The bank said it was filing a criminal complaint with prosecutors and is taking action to close the breach. At the same time UniCredit is reportedly investing €2.3 billion ($2.7 billion) in upgrading and bolstering its IT systems through technological advancements and digitalisation activities.
Banks have become prime targets for hackers as cyber criminals try to find new ways to exploit vulnerable systems to pull off cyber heists. In November 2016 Tesco Bank was subject to a hack that resulted in the loss of £2.5 million, while Bangladesh Bank was hit by cyber criminals stealing a staggering $81 million (£62 million).
Download SafeUM — communicate privately, without advertising and spam.
110 Reykjavik, Iceland