Personal Information of Nearly 900,000 Banking Customer of Three Major Russian Banks Leaked Online (Jun 11, 2019)
Three Russian banks, Alfa Bank, HCF Bank, and OTP Bank, have confirmed that financial data and Personally Identifiable Information (PII) associated with approximately 900,000 clients was publicly accessible on four different databases. Approximately 800,000 records belonged to customers of OTP Bank dating back to 2013 were found in a file in a database that the bank stated to have no knowledge of its origins. The file contained information including: addresses, approved credit limit, names, passport details, and phone numbers. DeviceLock researchers discovered two databases containing data of Alfa Bank associated with 55,000 customers in one (dating back to 2014-2015), and 504 records in the second (dating back to 2018-2019) consisting of: addresses, names, place of work, and phone numbers in one database, and account balance (limited to 130,000-160,000 rubles ($2,500-$3,000 USD)). The database that contained customer data of HFC Bank consisted of 24,4000 records that consisted of addresses, credit limit, names, passport details, and phone numbers.
Recommendation: The exposure of Personally Identifiable Information (PII) requires affected individuals to take precautionary measures to protect their identity and their finances. Identity theft services can assist in preventing illicit purchases, or applying for financial services from taking place by actors using stolen data. It is crucial for your company to verify that access control is configured correctly prior to adding any sensitive data. As this story portrays, a misconfigured database has the potential to cause significant harm to individuals and a company’s reputation.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.