Santander, a Spanish banking institution, has announced that it recently suffered a data breach in which a victim gained access to a database hosted by a third-party provider.
In the immediate aftermath of the breach, Santander moved to limit the scope of the intrusion by blocking access to the compromised database.
Fraud prevention controls were also established to protect customers who were affected by the breach, it said though a press release, which did not mention the name of the provider.
It also noted that the bank's operations and systems were not affected, which means customers can still carry out their transactions, should they choose.
In its investigation of the cyber incident, the company discovered that information relating to customers based in Chile, Spain, and Uruguay were accessed, as well as the information of select former Santander employees.
Third parties are seemingly becoming one of the primary causes of many data breaches, and Santander is not the first, nor likely the last, financial institution to experience such a disruption.
In February, Bank of America warned more than 57,000 affected customers of a data leak involving sensitive material, due to a ransomware attack on one of its technology partners, Infosys McCamish Systems.
The following month, Fidelity Investments Life Insurance Company had to notify nearly 30,000 of its customers of a third-party data breach that had compromised their information, also via IMS. And in that same month, American Express notified its customers that their credit-card information was exposed in a breach that involved a third-party service provider used by the company's travel services division.
It is unclear exactly how many customers were affected, though Santander said it is contacting affected customers and employees and has notified regulators and law enforcement.
This Cyber News was published on www.darkreading.com. Publication date: Thu, 16 May 2024 21:15:12 +0000