Dutch bank ABN Amro disclosed a data breach after third-party services provider AddComm suffered a ransomware attack. AddComm distributes documents and tokens physically and digitally to clients and employees.
The ransomware attack occurred last week and unauthorized parties may have obtained access to data of a limited number of ABN AMRO clients. ABN AMRO is going to contact the impacted clients and notified the Dutch Data Protection Authority and regulators.
At the time of this writing, AddComm has contained the incident, the impacted systems have been restored, and the company has locked out the attackers. AddComm has yet to determine what type of data may have been stolen during the attack. However, the company is investigating the incident with the help of external security experts working for AddComm.
The Dutch bank has stopped using services provided by AddComm.
At the moment, there are no indications that attackers have used the data of ABN AMRO clients. The bank also warns clients to stay alert to phishing messages.
The bank added that its systems have not been affected by the ransomware attack.
“External cybersecurity experts are currently investigating exactly what data has been stolen at AddComm. We are writing to customers whose data may be involved in this attack.” states the bank.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)