UniCredit says 400,000 ac­counts hacked, ex­pos­ing bi­o­graph­i­cal and loan data

Muscat Daily - - BUSINESS -

Mi­lan, Italy - UniCredit SpA said hack­ers ac­cessed about 400,000 client bank ac­counts in Italy, tak­ing bi­o­graph­i­cal and loan data in one of the big­gest breaches in Europe to date.

The in­ci­dents oc­curred in Septem­ber and Oc­to­ber of 2016 and June to July of this year, the bank said on Wed­nes­day in an emailed state­ment.

Unau­tho­rised ac­cess was gained through an Ital­ian third­party provider to some cus­tomer data re­lated to per­sonal loans, with the lender say­ing IBAN num­bers and other per­sonal data may also have been reached. A spokesman de­clined to iden­tify the third party in­volved.

The most re­cent at­tacks were de­tected be­tween Mon­day and Tues­day and led to the dis­cov­ery of the in­ci­dents that took place last year, two peo­ple fa­mil­iar with the mat­ter said, ask­ing not to be iden­ti­fied.

“This is the first at­tack tar­get­ing an Ital­ian bank and con­firms that IT sys­tems, par­tic­u­larly in Italy, need mas­sive in­vest­ment to avoid a loss of con­fi­dence,” said Francesco Con­fuorti, chief ex­ec­u­tive of­fi­cer of Ad­van­tage Fi­nan­cial SA, a Mi­lan-based in­vest­ment firm.

The breach at UniCredit in­volved cus­tomers with fi­nanc­ing and con­sumer-credit loans, Daniele Tonella, CEO of UniCredit Busi­ness In­te­grated So­lu­tions, the IT unit of the bank, said in a phone in­ter­view.

The bank’s IT de­part­ment dis­cov­ered anom­alies while con­duct­ing checks, find­ing that some users from an ex­ter­nal com­mer­cial part­ner were ac­cess­ing client data. UniCredit, im­me­di­ately blocked the in­trud­ers, closed the breaches and up­graded the sys­tem, Tonella added.

“There aren’t ma­te­rial dam­ages for the bank and its clients from these at­tacks,” Tonella said.

“No data, such as pass­words al­low­ing ac­cess to cus­tomer ac­counts or al­low­ing for unau­tho­rised trans­ac­tions, has been af­fected.”

Newspapers in English

Newspapers from Oman

© PressReader. All rights reserved.