News

UniCredit Bank reports data leak of 3 million customers

UniCredit Bank reports a data leak that affected 3,000,000 users.

So far, the bank has not revealed many details of the incident. It is unclear, how exactly the leak occurred, it is only known that the root of the problem lies in the compromise of only one file, dated as far as 2015. This file contained information only about UniCredit’s Italian customers, including their names, information about cities of residence, phone numbers and email addresses.

“In total, roughly three million records were exposed, revealing the names, telephone numbers, email addresses, and cities where clients were registered”, — report in the bank.

It is emphasized that the records did not contain any other personal data or bank details that could allow attackers to gain access to customer accounts.

“The records consist of names, city, telephone number and email only. Consequently no other personal data or any bank details permitting access to customer accounts or allowing for unauthorized transactions have been compromised”, — report in UniCredit.

Therefore, those involved in the breach have lost Personally Identifiable Information (PII) which can be used in social engineering campaigns and potentially contribute to identity theft, but the chance of unauthorized transactions caused by the data leak is slim.

Read also: Leading IT companies teamed up to form an alliance to protect industry

Currently the company is conducting an internal investigation of the incident and has already notified the relevant authorities, including law enforcement, about the incident. Affected users will be informed of the compromise by email or through online banking.

“Customer data safety and security is UniCredit’s top priority and since the 2016 launch of Transform 2019, the Group has invested an additional 2.4 billion euro in upgrading and strengthening its IT systems and cyber security”, — report in UniCredit bank.

However, this is not the first case that UniCredit faced data compromise incident. In July 2017, the bank said it was the victim of data theft because a third-party provider gained access to the data of an Italian clients without consent or permission.

Occurred two separate violations of security; one in the period from September to October 2016, and the other in the period from June to July 2017. Information belonging to approximately 400,000 Italian customers, including PII and IBAN, has been affected.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
James Brown

Technology news writer and part-time security researcher. Author of how-to articles related to Windows computer issue solving.

Recent Posts

Remove News-bpudepi.today pop-up ads (Virus Removal Guide)

News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove Doguhtam.xyz pop-up ads (Virus Removal Guide)

Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove News-xlixoti pop-up ads (Virus Removal Guide)

News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…

1 day ago

Remove Ducesousightion pop-up ads (Virus Removal Guide)

Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…

1 day ago

Remove News-xlabica.live pop-up ads (Virus Removal Guide)

News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…

1 day ago

Remove Mergechain.co.in pop-up ads (Virus Removal Guide)

Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…

1 day ago