Officials at Sberbank Rossi, the largest Russian bank, have revealed some details about their investigation of a data breach that would have affected at least 200 users of the bank. According to reports from information security experts, the bank detected the incident last October 2.
However, additional local media reports mention
that the 200 affected users initially detected were only part of a sample, as
in fact thousands of users were impacted by this incident.
After detecting the incident, Sberbank officials announced an internal investigation, which has concluded that the person responsible for the data breach is a 28-year-old man employed by the bank. The culprit has already been referred to the Russian federation authorities.
Law enforcement agencies and the bank’s information
security team were able to retrieve the stolen information and collect evidence
for the trial. Russian police claim that the employee responsible for the crime
sold the information of about 5,000 Sberbank customers through hacker forums on
dark
web. Bank officials stress that most of the compromised information is
outdated or inactive.
When questioned about the incident and the
employee’s ability to access confidential information, a representative of the
bank stated: “It is practically impossible to access our databases from
the outside, as they are isolated from the rest of our IT infrastructure.”
In addition, the representative stated that “the compromised information
is also not useful for performing fraudulent bank movements”.
Eventually, the bank made the decision to
reissue credit cards belonging to potentially affected customers and published
some details about the costs of the attack. The recently implemented procedure
for reporting security incidents in banks and payment operators requires
affected organizations to submit to the authorities a well-detailed report on
the financial impact of these incidents for the organization and its users.
While this is not a hacker attack as such,
information security experts consider it to be yet a further example of how a
security risk can be generated in a financial institution unexpectedly. Pavel
Livinskiy, director of the Russian-operated power company Rosseti, claims that
the Russian energy industry faces about 9 million cyberattacks a year.
“About 80% of successful attacks stem from human factor errors and
omissions, and combating these incidents costs the Russian federation about 2
billion roubles ($31 million USD) a year,” Livinskiy adds.
Regardless of its size or whether it is a
private company or is operated by the government of a country, any organization
is exposed to data breach incidents, which could represent huge economic losses
and severe image damage, so it is vital to ensure any possible attack vectors.
As it has been mentioned by information security specialists from the
International Institute of Cyber Security (IICS), although companies invest
thousands of dollars in software solutions, it is also necessary to train
employees to consolidate a global environment cybersecurity and less exposed to
threat actors.
