Interbank, formally the Banco Internacional del Perú Service Holding S.A.A. is a leading Peruvian provider of financial services has over 2 million customers.
Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. A threat actor that uses the moniker ‘kzoldyck’ claims the leak of 3.7 TB of company data related to 3 million customers. Alleged stolen data includes personal info, credit card details, CVVs, passwords, and API credentials.
“We have identified that some data of a group of clients has been exposed by a third party without our authorization. Faced with this situation, we immediately deployed additional security measures to protect the operations and information of our clients.” reads the statement published by the company. We want to reassure you that Interbank guarantees the security of your deposits and all your financial products.”
The financial organization announced that it had resumed its mobile and online platforms after recent outages and sought to assure customers that their funds were not impacted by the security incident.
The threat actor confirmed that Interbank refused to pay the ransom after a two-week negotiation.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)