Several internet security experts from a cyber security firm has just uncovered what appeared to live a huge data leakage from one of the largest banks in Europe. Santander Bank, formerly known as sovereign Bank, is a Spanish-owned multinational institution, commercial bank, and financial services troupe based in Madrid and Santander in Spain.
Its been known for its vast banking operations in Europe, but it has since extended its operations across the globe, with multiple branches and offices in North and South America, and just recently, in Southeast Asia. Santander is Spains largest bank, the 5th largest cant in all of Europe, and ranked 16th in total assets under management globally for all banking institutions.
It is perhaps due to this global coverage that the banking firm has somehow lost a fleck of its grasp on ace of its branches. The banks Belgian unit, Santander Consumer Bank, just had a slight coding misalignment in its blog website which readily allowed for the files in it to be indexed. These indexed files included a JSON file and an SQL dump, which in any hackers hand can prove to be a goldmine, if we mouth about phishing attacks and identity theft.
To break understand the contents of the leaked contents, the JSON file has in it the Banks Cloudfront API Keys. With these keys, hackers can exfiltrate and piddle use of the banks contents for their have benefit. These include, but not limited to photos, videos, documents, and other static files.
One lesson is if a document, lets say an MS-Word file or PDF that contains sensitive information (payment account numbers) is hosted on Cloudfront, the hacker can just switch out that information and replace it with one of their own (hackers account numbers) and they should be able to steal the money for their own. The customer or even the bank wouldnt know it happened.
Another example, commonly used by hackers, is when an exposed static HTML file is hosted. The hacker can easily replace the primary website (bank portals payment or online account system) with i of their own, a completely identical website. This will enable the hackers to collect all the banks users account information and their money. All of this, while allay on the banks official website. Both the customers and the bank wouldnt be able to recount the difference.
The leakage was immediately disclosed to the bank and all the proper patches and security protocols experience been put in place. According to the Banks representative, the incident was limited only to the banks blog site in Belgium. The said blog contained only publicly available information, and no customer account data or any other critical information was exposed. The banks fork certificate team was quick to call the issue, says the representative.
As a recommendation to the banks customers and other banks customers, puddle it a use to always chequer your banks official domains and sub-domains for anything suspicious or out of the ordinary. This means every visit to their online portals, every app, and every email you receive must be carefully inspected to pee-pee sure that it is indeed the bank you are working with. It wouldnt harm for you to check, after all, its your money.