Interbank, a prominent financial institution in Peru, has acknowledged a data breach following the unauthorized access of its systems by a threat actor who subsequently leaked the compromised data online. Formerly known as the International Bank of Peru (Banco Internacional del Perú), the institution serves over 2 million clients.
In a statement released today, Interbank noted, “We have determined that certain client data has been disclosed by a third party without our consent. In response to this incident, we have promptly implemented enhanced security measures to safeguard our clients’ operations and information.”
Customers have reported disruptions in the bank’s mobile application and online services throughout the day, reminiscent of a separate outage experienced two weeks prior. However, Interbank has reassured that the majority of its services are now operational and that client deposits remain secure.
“We wish to reassure our clients that Interbank is committed to the security of your deposits and all financial products. Most of our service channels are functioning. Once we complete a thorough review, we will restore operations across the remaining channels,” the bank further stated.
Although the bank has not yet revealed the specific number of customers affected by the breach, it has come to light through Dark Web Informer that a threat actor operating under the alias “kzoldyck” is marketing data purportedly stolen from Interbank on various hacking forums.
This individual claims to have acquired sensitive information from Interbank customers, including full names, account IDs, birth dates, addresses, phone numbers, email addresses, IP addresses, credit card details, CVV numbers, expiration dates, transaction information, and other confidential data, including plaintext credentials.
“More than 3 million customers’ information is at risk, and in addition to the data I have shared here, I possess clear usernames and passwords for customers, which could facilitate access to bank accounts from within the Peru IP block (subject to biometric photo validation for some),” the threat actor stated.
