In a recent cyber incident, financial giants HSBC & Barclays have fallen victim to a significant data breach, exposing sensitive information to potential exploitation. The breach, which occurred in April 2024, originated from a breach within a direct contractor of both banks, allegedly orchestrated by individuals identified as @IntelBroker and @Sanggiero. This actors’ popularity and the frequency of their attacks are high, yet doubts persist regarding the veracity of the data they sharing.
The compromised data, which includes Database Files, Cert files, Source Code, SQL files, JSON config files, and Compiled Jar files. This data poses a serious threat to the privacy and security of both customers and the banks themselves.
Among the files made available for download are:
- notary_request_2024.csv: 512K lines containing “reg_id,” “updated_ts,” “reg_id,” “created_ts,” and more.
- ledger_summary_2024.csv: 241K lines with “primary_account_number,” “message_code,” “opening_balance,” “transaction_type,” and more.
- transaction_2024.csv: 1 million lines featuring “transaction_number,” “transaction_id,” “code,” “amount,” and more.
- notification_2024.csv: 501K lines comprising “user_id,” “event_id,” “is_delivered,” “is_action_complete,” and more.
Strengthening supply chain resilience through robust security measures and continuous monitoring is essential to prevent cyber incidents from spreading across interconnected networks. Companies need to be aware of the security measures in place at the companies they collaborate with, especially when they are involved in joint projects.
