Get exclusive analytics and cryptocurrency data on Hacked.com for only $ 39 a month
Hackers who stole the personal information of tens of thousands of customers from two Canadian banks are threatening to publish this data online. banks pay them $ 1 million in XRP.
CBC News regional media reports that Bank of Montreal (BMO) and Simplii Financial have been violated successfully over the weekend, allowing hackers to access sensitive personal and financial information belonging to more 90,000 customers. The stolen information included names, passwords, account numbers, security questions and answers, account balances, and social insurance numbers.
According to the emails allegedly sent by the perpetrators, hackers hold this data for ransom and will dump it online unless the banks send them 1 million XRP tokens from Ripple, which is currently the fourth cryptocurrency by market capitalization.
"We warned BMO and Simplii that we would share information from their customers if they did not cooperate," said the email, which appears to have been sent from Russia. "These profiles will be disclosed on the fraud forum and fraud community as well as on the remaining 90,000 if we do not receive payment by May 28, 2018 at 11:59 pm."
The hackers explained that they were able to break the sub-par banking security by using an algorithm to generate account numbers and masquerade as customers who had forgotten their passwords .
"They were giving too much permission to a semi-authenticated account that allowed us to enter all this information," said the email, adding that the system "did not check if a password was valid until it was". the security question is correctly entered. "
The attackers also included an example of each bank's customer dataset to prove that they had bypassed the security protocols of the institutions.
The deadline for submitting to the ransom demand has now passed, but it is not clear if fraudsters have threatened to disclose customer data on the Web. In any case, it does not seem that the institutions have the intention to pay the ransom.
"Our practice is not to make payments to fraudsters," said the Bank of Montreal in a statement. "We focus on protecting and helping our customers."
Image from Shutterstock
Follow us on Telegram.