Hackers Claim to Be Selling Almost All of PrivatBank Personal Data
Cybercriminals claim to be selling the personal details of as much as 93% of Ukraine’s population in a dataset supposedly stolen from the country’s scandal-ridden, largest public lender, PrivatBank -- something the bank has been quick to describe as incredulous, even impossible.
The purported cache of sensitive information, which was
listed via the online marketplace Raid Forum on February 8, allegedly contains
bank customers’ full names, dates of birth, passport numbers and contact
details.
The anonymous vendor claims this data relates to more than
40 million customers at PrivatBank. Ukraine has a population of 43 million
people.
However, a reported internal investigation at the lender has
called the veracity of the vendor’s claims into serious doubt.
A PrivatBank representative told cybersecurity research and
analysis outfit CyberNews that since 2017, the bank had not recorded a single
breach or incident in which information was transferred from its database.
The numbers also don’t add up: When PrivatBank was nationalized
in 2016, the lender had just 20 million customers.
“We were pleasantly surprised that 40 million people were
attributed to the number of the bank’s clients, but this figure exceeds the
total number of the country’s adult population,” the representative reportedly
said.
The online vendor has been granted “trusted status” by Raid
Forum, indicating that customers have not had problems buying from them before.
They are currently selling the alleged dataset at a going
rate of US$3,400 in BitCoin.
It does not appear the vendor has yet made any sales, but
there remains a possibility they may be hiding these by generating a new
platform for receipt of payment each time.
This isn’t the first time PrivatBank has encountered trouble
-- supposed, or actual -- from cybercriminals.
In 2016, the bank allegedly lost more than $10 million after
hackers were able to exploit a loophole in the SWIFT banking system.
This is an ordinarily secure network that allows more than
10,000 financial institutions around the world to send and receive information
about monetary transactions.
Earlier in 2014, pro-Russia hacker group CyberBerkut mined
customer data from the bank’s records before publishing the information via
Russian social media.
Nor is it merely cybercriminals who have sought to profit
from PrivatBank via deceptive means.
The lender’s nationalization in 2016 followed soon after
allegations surfaced that former owners Ihor Kolomoisky and Gennadiy Boholiubov
had embezzled at least $5.5 billion from customers.
Representing deposits made by a third of the country’s
population, the amount the pair allegedly stole was equivalent to around five
percent of Ukraine’s GDP at that time.
Multiple investigations into Kolomoisky and Boholiubov’s
financial dealings remain ongoing.
Comments
Post a Comment