Rex Mundi hackers are Blackmailing a Swiss Bank after data breach

The Banque Cantonale de Geneve announced that Rex Mundi hackers had stolen the personal data of thousands of its clients and that it was being blackmailed.

The Banque Cantonale de Geneve revealed that a criminal crew has tried to blackmail the financial institution, according a first report on the incident the data breach affected said several thousand of clients. According the company there had been “no financial damage,”, the stolen data includes names, addresses, telephone numbers and account numbers of the bank customers.

The group of hacker that hit the financial institution, which called itself Rex Mundi, is threatening to publish some 30,000 emails of the affected clients if the bank did not pay 10,000 euros by Today. There is no news related to a possible impact on the overall 240 000 clients of the Banque Cantonale de Geneve. The Rex Mundi is using its Twitter account to menace the bank and share a message with the targeted institution providing details for some customers to prove that they have really breached the bank systems.

“Dear friends and foes, Last week, we hacked our way into the servers of Swiss bank Banque Cantonale de Geneve (BCGE). While we did not access any bank account, we did download 30,192 private emails sent by both Swiss and foreign customers, in addition to various other interesting data (conference registrations, mailing list entries,…).” states the message. “There are 30,190 other similar emails and customer records in the database we downloaded. We would like to mention that, as always, we did contact BCGE a few days ago and offered them not to post their data in exchange for a very reasonable amount of money. Since they declined our initial offer, we have therefore decided to post this initial leak.The full dump will be posted on our website (http://ga6xcwvbs7czcs2v.onion/) as well as on clearnet on Friday at 6PM CET if BCGE still refuses to pay us 10,000EUR.” states the message from Rex Mundi, which promised to disclose the archive on a Tor website.

At the moment, The Banque Cantonale de Geneve refused to provide further details on the incident, meantime the authorities have started the investigation of the data breach.

To reassure its customers, the bank confirmed that it has improved security for its web services and blocked access to online forms. Rex Mundi hackers are known for blackmailing activities, cyberwarzone portal reported that Rex Mundi hackers made data public about companies that refused to pay. The Rex Mundi hackers launched a website which hosts an archive of data stolen by the group during the attacks and that are made public when companies declined to pay the ransom demand.

The Rex Mundi hackers claimed that their website has been hosted for the following reasons:

“On this page, you will find leaks belonging to most of the websites that we hacked. Please note that those are leaks belonging only to companies that declined to pay us. As per our agreement with the companies that did pay us, we will never release those leaks.”

Pierluigi Paganini

(Security Affairs –  Rex Mundi, cybercrime )