Russia's Sberbank hit with huge data leak
Insider threat likely responsible for the breach
The state-owned Russian banking and financial services company Sberbank is currently investigating a potential data leak which the newspaper Kommersant has reported may be the largest ever in Russian banking history.
In a statement, the firm said that the leak could have affected at least 200 of its customers. However, according to Kommersant, 200 entries were just a sample to lure in potential buyers by an unidentified online seller who claims to have data on 60m credit cards including accounts and cards which have already been closed.
The newspaper even verified the database's authenticity by asking the unknown seller to provide information on its own reporters that turned out to be both correct and up-to-date.
- Russia's largest search engine hacked by Western intelligence agencies
- An inside look at Russia’s cybersecurity market: a Q&A with BI.ZONE
- Data leak reveals how Russia uses telecoms for surveillance
The seller is seeking eight cents per entry according to Kommersant and they could end up making quite a lot by selling stolen information on Sberbank's 18m active credit card customers.
Insider threat
Sberbank and Kommersant both believe that the data leak was most likely the work on an insider with criminal intent and Sberbank provided more details on its investigation into the matter in a press release, saying:
“An internal investigation is underway. Its results will be unveiled in a separate statement. A criminal wrongdoing of an employee is the primary lead, as no breach could have occurred from the outside – the database is isolated and has no outer network access.”
Kommersant was first tipped off regarding the Sberbank data breach by the cybersecurity company DeviceLock who said that data sets on some of Russia's largest banks are available on the dark web but none of these are as large as comprehensive as the recently leaked Sberbank data set.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
While this might not be a traditional data breach, it highlights the potential risk that insider threats pose to all businesses and the damage they can cause.
- We've also highlighted the best data loss prevention services of 2019
Via Reuters
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.