PKO Bank Polski, one of the largest and most significant financial institutions in Poland and Central Europe, has allegedly suffered a major data breach. A threat actor has emerged on a cybercrime forum, offering for sale a substantial amount of sensitive internal data purportedly belonging to the Warsaw-based bank. The source of the compromise is allegedly a Unified Endpoint Management (UEM) system, which has exposed a trove of information related to the bank’s employees and their connected corporate devices.
According to the threat actor’s post, the breach has exposed the personal and device information of thousands of bank staff members. The seller claims the dataset includes details on 32,815 users and 17,135 devices, as well as information concerning 80 administrator accounts. Evidence provided to support the claim suggests that the exfiltrated data is highly specific and could pose a significant security risk. The allegedly leaked data includes:
- Employee full names, email addresses, and phone numbers
- Unique device identifiers (UUID, Serial Number, MAC Address, IMEI)
- Device details such as model, operating system, and ownership status
- User and location group information