Banco Santander has made public this Tuesday that it has suffered “unauthorized access” to a database that contains information on the entity’s clients, both from its local operations and from its subsidiaries in Chile and Uruguay. According to the information sent this afternoon to the National Securities Market Commission (CNMV), all employees and some former collaborators of the company are also affected. The bank has specified that this is information stored on a server managed by a provider.
The entity chaired by Ana Botín has confirmed that this fact does not pose a danger to its clients’ savings, since “there is no transactional information or access credentials or internet banking passwords that allow operating with the bank” within the information. hosted on the server. In any case, the company has warned that it has implemented “measures to manage the incident”, such as blocking access to the database and strengthening fraud prevention. For now, Santander has confirmed that “in the rest of the entity’s markets and businesses there is no data on affected customers.”
The quick notification by the bank to the markets regulatory body is not coincidental. Entities have the obligation to quickly inform the financial authorities of any type of cyber incident and, if they do not do so, they are exposed to million-dollar fines. This is how he suffered Abanca due to an internet incident that occurred in February 2019, which earned him a sanction from the European Central Bank (ECB) for 3.15 million euros for delaying 46 hours in giving the formal notice. “The bank’s omission hampered the ECB’s ability to adequately assess Abanca’s prudential situation and react in time to potential threats to other banks, which could have had potential consequences for the reputation and stability of the banking sector as a whole,” the European banking supervisor pointed out in 2022.
On social networks, the first comments from customers indicate that, for the moment, there has been no official communication from the entity to its customers, despite the fact that Santander has detailed that it is “proactively informing directly affected customers and employees.” Santander’s profiles on X, the platform formerly known as Twitter, also make no mention of the event. The situation contrasts with what the subsidiaries do in Chile and Uruguay, which show important communication as soon as their web pages are accessed.
In March of this year, Spanish Santander customers took to social networks to report a computer error due to which charges appeared in their accounts twice. At that time, the entity responded that it was a “display error” and denied that it was unauthorized access to its systems.
Cyberstress
The resilience of European entities to cyberattacks and unauthorized access to their databases is one of the ECB’s main concerns. At the beginning of the year, the banking supervisor announced that it would begin conducting tests to evaluate the abilities of 109 European entities to recover from a cyber attack. The military conflict in Ukraine and the increase in virtual crimes accelerated the plans of the organization chaired by Christine Lagarde to try to shield the daily operations of European consumers.
Santander, CaixaBank and Cajamar, along with other large European banks such as Deutsche Bank and Credit Agricole, were chosen to carry out a simulation and check how their systems respond to an attempt by hackers to access sensitive information or paralyze operations.
Follow all the information Five days in Facebook, x and Linkedinor in our newsletter Five Day Agenda
Newsletters
Sign up to receive exclusive economic information and the financial news most relevant to you
#Banco #Santander #warns #unauthorized #access #data #clients #Spain