Russian bank Sberbank recently suffered a massive data leak. On October 2, the company learned that credit card details of about 200 clients were compromised during the leak. The bank has now pinned the responsibility of this attack on an employee who was trying to steal these details for his personal gains.
What happened in the case?
The investigation was conducted internally by the bank’s Security Service with help from Russian law enforcement agencies. The bank has identified a 28-year-old employee who was trying to scrape off the data for making personal gains. He was working as the head of one of their divisions because of which he had access to databases of client information. The investigators have already collected and compiled proof of the crime.
The culprit has also confessed to his crimes, and the law enforcement agencies will now take action against him. The bank suggests that the employee was able to get his hands on only 200 credit cards and no further data leak was identified in their systems. It also informed customers that their funds are safe and the employee was not able to exploit the information to gain access to their funds.
Sberbank assures users
After the investigation was completed, Sberbank’s chairman of the executive board, Herman Gref released a statement apologizing for the inconvenience caused to the 200 customers whose data was compromised because of the leak. He added that the company has rehashed its systems to combat human reliability problems and said, I’d like to thank all our customers for the great trust they place in us. Let me also thank our Security Service, our BI.ZONE subsidiary, and all law enforcement agencies for the outstanding work that empowered us to solve this crime within hours.”
Sberbank faced a security concern in 2018 as well, but the bank was able to save RUB 32 billion from going to hacker’s hands. It has robust fraud monitoring systems using the latest technologies like artificial intelligence to help safeguard the bank’s system, which analyzes over 150 million transactions every day. The Security Service of the bank already processes over 3 billion events in a day. The company suggests that it suffers a DDoS attack once or twice every week.