Lately we have seen many attacks on banks, this time the malicious actors have turned to two Canadian banks. According to information security experts, hackers have stolen financial information from more than 90,000 customers. One of the affected banks is the Bank of Montreal (BMO), the fourth largest bank and credit institution in Canada, part of the Canadian Imperial Bank of Commerce, with more than 8 million customers.
This bank issued an official statement in which it affirmed that malicious actors contacted the bank on Monday saying they had personal and financial information of their 50,000 clients.
Bank representative Paul Gammal commented: “Measures were taken immediately when the incident occurred and we are confident that the identified exposures related to customer data have been closed.”
The Bank of Montreal revealed that in the incident there was a threat to make the stolen data public if the attackers do not receive the payment.
The bank said it will not provide any of the demands: “We do not make payments to scammers, we are dedicated to protecting and helping our clients, we have already notified and are working with the relevant authorities as we continue to assess the situation.”
Information security professionals found similarities with another hacking attack on Simplii Financial, an online bank, so they believe the attack originated in a foreign location.
Over the weekend, the company Simplii Financial, owned by CIBC, reported that the malicious players informed them that the bank was white and that personal and accounts data of 40,000 customers were stolen.
Michael Martin, vice president of Simplii Financial, commented that the bank is gathering information and has already implemented measures to optimize the bank’s security measures. Martin also said that the bank will return 100% of the amount lost to the victims.
“If one of our customers is a victim of fraud due to this problem, we will refund 100% of the money lost from the affected account,” Martin said.
The attackers demanded a ransom of $ 1 million from the two banks attacked. In the email sent to the banks, the malicious actors threatened to sell the information to the criminals if the banks did not pay the ransom before the end of the day.
According to information security analysts, the email contained a sample of the stolen data, which included names, SIN, birth dates and account balances for a man and woman based in Ontario.
“Simplii and BMO customer information will be used to request credit for the products using the social security number, date of birth and all personal information,” the email said.
The woman confirmed that all the information in the email was authentic. On the other hand, on Saturday, the man, based in Edmonton, reported a fraudulent transfer of $ 980 from his Simplii Financial account.
Now, the Bank of Canada has warned the country’s financial sector to stay alert as they could be vulnerable to cyber attacks.
This practice is quite unusual, alerting the attacked institutions because as soon as the company receives the notification, the information has no value.
The malicious actors had access to a certain amount of data; probably showed evidence that they had this information, and were trying to blackmail the banks, said an information security expert.
“It is disturbing that both banks discovered the stolen data of the attackers, this means that their detection and prevention measures completely failed, and the hackers alerted the victim, which shows an extortion attempt” said James Lerud, director of Verodin’s Behavioral.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.