{"id":163956,"date":"2024-05-31T21:23:41","date_gmt":"2024-05-31T21:23:41","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=163956"},"modified":"2024-05-31T21:23:43","modified_gmt":"2024-05-31T21:23:43","slug":"shinyhunters-claims-santander-breach","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/163956\/data-breach\/shinyhunters-claims-santander-breach.html","title":{"rendered":"ShinyHunters is selling data of 30 million Santander customers"},"content":{"rendered":"
<\/div>\n

The threat actor ShinyHunters claims breach of Santander and is offering for sale bank data, including information for 30 million customers.<\/h2>\n\n\n\n

A notorious threat actor ShinyHunters is offering a huge trove of data allegedly stolen from the Santander<\/a> Bank for sale. ShinyHunters claims to have stolen information for 30 million customers, employees, and bank account data.<\/gwmw><\/p>\n\n\n\n

In mid-May, the Spanish financial institution Santander disclosed a data breach<\/strong><\/a> involving a third-party provider that affected customers in Chile, Spain, and Uruguay. The bank became aware of unauthorized access to one of its databases hosted by a third-party provider.<\/p>\n\n\n\n

The company announced that it immediately implemented measures to contain the incident. The company blocked the compromised access to the database and established additional fraud prevention controls to protect affected customers.<\/p>\n\n\n\n

\u201cWe recently became aware of an unauthorized access to a Santander database hosted by a third-party provider.\u201d reads the statement<\/strong><\/a> published by the bank. \u201cFollowing an investigation, we have now confirmed that certain information relating to customers of Santander Chile, Spain and Uruguay, as well as all current and some former Santander employees of the group had been accessed. Customer data in all other Santander markets and businesses are not affected.\u201d<\/p>\n\n\n\n

The compromised database contained information on all current and some former employees. <\/p>\n\n\n\n

The bank pointed out that the database did not store transactional data, online banking details, passwords, or other data that would allow someone to conduct transactions. <\/p>\n\n\n\n

\u201cNo transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords. The bank\u2019s operations and systems are not affected, so customers can continue to transact securely.\u201d continues the statement.<\/p>\n\n\n\n

The financial institution hasn\u2019t provided technical details of the incident or what kind of data was exposed. It\u2019s unclear how many individuals are impacted.<\/gwmw><\/p>\n\n\n\n

ShinyHunters is the current administrator of BreachForums<\/a>, the cybercrime forum that recently resurrected two weeks after a law enforcement operation that\u00a0seized its infrastructure.<\/p>\n\n\n\n

ShinyHunters claimed the hack of Ticketmaster and offered for sale 1.3 TB of data, including full details of 560 million customers, for $500,000. Stolen data includes names, emails, addresses, phone numbers, ticket sales, and order details.<\/p>\n\n\n\n

On May 30, 2024, ShinyHunters published an announcement titled: “Santander Bank Data – Spain, Chile, Uruguay – Customers, CC, Bank, more” that claims country affected are Spain, Chile, and Uruguay.<\/p>\n\n\n\n

Data contains<\/p>\n\n\n\n