Third-party data breach at Santander impacts thousands of employees

A third-party-run database at Santander has suffered a breach impacting both customers and employees at the bank.

After an investigation, Santander found that customer data in Chile, Spain and Uruguay was accessed during the breach, while all of the bank’s current employees across the group were impacted by the incident.

Santander currently has more than 211,000 employees around the world.

Some ex-staff members also had their information accessed in the breach.

"We recently became aware of an unauthorised access to a Santander database hosted by a third-party provider," said the bank in a statement. "We immediately implemented measures to contain the incident, including blocking the compromised access to the database and establishing additional fraud prevention controls to protect affected customers."

The Spanish bank assured customers that no transactional data or credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords.

None of Santander's operations or systems were impacted by the data breach.

"We apologise for the concern this will understandably cause and are proactively contacting affected customers and employees directly," continued Santander. "We have also notified regulators and law enforcement and will continue to work closely with them."

Guy Golan, chief executive and executive chairman of UK cyber firm Performanta, told FStech that while Santander has done the right thing by issuing a statement on the incident, the bank has fallen short on establishing who was responsible for the breach.

"The issue is the confusion on third parties," he said. "Santander has not established who the third parties are, whether they themselves were malicious or not or how access was made."

The chief executive praised the bank for mentioning mitigating factors and database monitoring, however explained that as Santander is a multinational bank it's likely these methods have been in place for a long period.

"Their ability to respond proactively has been lacking which means Santander has not been able to truly defend itself from future attacks; the bank only responds what has already happened and caused damage," he continued. "Early detection was certainly a positive in this case, but it relies too much on luck."

Santander declined FStech's request for further comment.

Share Story:

Recent Stories

Safeguarding economies: DNFBPs' role in AML and CTF compliance explained
Join FStech editor Jonathan Easton, NICE Actimize's Adam McLaughlin and Graham Mackenzie of the Law Society of Scotland as they look at the role Designated Non-Financial Businesses and Professions (DNFBPs) play in the financial sector, and the challenges they face in complying with anti-money laundering and counter-terrorist financing regulations.

Ransomware and beyond: Enhancing cyber threat awareness in the financial sector
Join FStech editor Jonathan Easton and Proofpoint cybersecurity strategist Matt Cooke as they discuss the findings of the State of the Phish 2023 report, diving into key topics such as awareness of cyber threats, the sophisticated techniques being used by criminals to target the financial sector, and how financial institutions can take a proactive approach to educating both their employees and their customers.

Click here to read the 2023 State of the Phish report from Proofpoint.

Cracking down on fraud
In this webinar a panel of expert speakers explored the ways in which high-volume PSPs and FinTechs are preventing fraud while providing a seamless customer experience.

Future of Planning, Budgeting, Forecasting, and Reporting
Sage Intacct is excited to present FSN The Modern Finance Forum’s “Future of Planning, Budgeting, Forecasting, and Reporting Global Survey 2022” results. With participation from 450 companies around the globe, the survey results highlight how organisations are developing their core financial processes by 2030.