Santander employee and customer data stolen in major cyber attack

Santander is the latest victim of a cyber attack – hackers have accessed the data of all employees and millions of customers abroad, the bank confirmed.

A hacker group was reportedly behind a similar data theft at Ticketmaster that came to light earlier this week.

In the course of the data theft, certain information on all current and some former Santander employees as well as on customers in Spain, Chile and Uruguay was stolen, the credit institution said.

“The database does not contain any transaction data or other access data that would enable transactions on accounts, including online banking data and passwords,” it said.

Santander employs around 200,000 people worldwide, including around 20,000 in the UK.

No customer data in the UK or any of its other markets was affected.

“We apologize for the understandable concerns this has caused and are proactively contacting affected customers and employees directly,” the bank said in a statement released earlier this month.

The company also stressed that its banking systems were not affected and that customers could continue to “conduct secure transactions.”

The hacker group ShinyHunters reportedly claimed responsibility for the cyberattack and said they stole the personal information of millions of people.

According to Dark Web Informer, a researcher that uncovers threat alerts and security breaches, ShinyHunters allegedly sold access to Santander’s database to a “one-time” buyer for $2 million (£1.6 million).

The hackers said Santander was “also welcome” to purchase the data itself.

Santander has not commented on the veracity of these allegations.

On Thursday, it was revealed that Ticketmaster was the target of a cyberattack and ShinyHunters allegedly demanded a ransom of around £400,000 to prevent the data from being sold on the dark web.

Ticketmaster has not publicly confirmed the breach.