Santander hit by massive hack — "all staff" and 30 million customers affected

Data Breach
Image Credit: Shutterstock (Image credit: Shutterstock)

The recent data breach at Santander Bank affected not just millions of customers, but also all of its staff, new reports have claimed.

The banking giant recently issued a breach notification letter saying following a supply chain attack, an unauthorized third party had accessed a database with sensitive customer information. It was later discovered that the attackers stole data from Santander’s banks in Chile, Spain, and Uruguay, while the rest of the world was not affected.

Now, researchers from Dark Web Informer found the infamous ShinyHunters hacking collective selling the database on the dark web, BleepingComputer reports.

Grabbing the spotlight

As per the hackers’ sales ad, the database contains personal information of 30 million customers and employees, as well as 28 million credit card numbers, as well as 6 million account numbers and balances. The asking price is $2 million.

As usual, the sales ad came with a small sample of the data to prove the claim’s legitimacy, but so far no threat researcher could confirm, or deny, the database belonging to Santander.

BleepingComputer pointed out that as per Santander’s Q1 2024 financial report, the company has fewer than 20 million customers across Chile, Spain, and Uruguay, while ShinyHunters are claiming 30 million.

Ever since the takedown of BreachForums, and the arrest of Baphomet, ShinyHunters have been getting plenty of limelight. A few weeks back, law enforcement temporarily disrupted BreachForums, the world’s biggest underground forum for hackers. It was a place where cybercriminals shared stolen data, malware, and other warez. The police also arrested a person with the alias Baphomet, who allegedly set up and was running the forum, together with ShinyHunters.

Since Baphomet’s arrest, ShinyHunters took over, restoring the forum and making a few high-profile breaches, most likely to restore the confidence and engage in little PR. So, besides the Santander breach, ShinyHunters also targeted Ticketmaster recently, leaking sensitive information on more than 500 million users on the forums.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.