This time, the victim is an Italian financial service that confessed to the security incident. Specifically, the firm UniCredit has disclosed a data breach that exposed around 3 million customers’ records to the attackers.
UniCredit Reveals 2015 Data Breach
The Italian bank and financial service provider firm UniCredit has recently confessed to a data breach. The incident happened around four years ago and exposed 3 million records.
According to their press release, the company noticed a data file impacted during the incident having around 3 million records. However, the extent of the incident remained limited to Italian customers only. As stated by the firm,
The UniCredit cybersecurity team has identified a data incident involving a file generated in 2015 containing a defined set of approximately 3 million records limited to the Italian perimeter.
The affected data file contained various details of the customers, such as names, email addresses, city, and contact numbers. However, UniCredit has assured that the security breach did not expose any explicit personal or financial details of the users.
Consequently, no other personal data or any bank details permitting access to customer accounts or allowing for unauthorized transactions have been compromised.
Investigations Under With UniCredit
Upon discovering the incident, UniCredit began investigating the matter. They have also reported the matter to the relevant agencies, including the Police.
While they continue inquiring about the matter, they are also contacting all the customers potentially affected by this incident.
Moreover, they have also strengthened their security protocols to avoid such incidents in the future.
Nonetheless, this isn’t the first time that UniCredit has suffered a security attack. Rather they have twice suffered such security breaches, in 2016 and 2017, about which they disclosed in 2017. Both incidents collectively affected 400,000 Italian customers.
Furthermore, the company has also fallen a victim to a third-party data breach earlier this year. Specifically, the ransomware attack on the German IT firm CITYCOMP also affected UniCredit along with other CITYCOMP clients.