Hackers had access to the data of several thousand customers of ING Germany. A vulnerability in the MOVEit Transfer application allowed the attackers to view names and bank account numbers. According to the bank, there are no indications that the stolen data has been misused.
ING confirms this to the Financieele Dagblad and RTL News.
ING: ‘Customers not in immediate danger’
An ING spokesman emphasized that the bank’s systems were not affected. Instead, the attackers managed to infiltrate the systems of data service provider Majorel. Majorel provides a switching service for customers who want a different bank account. The spokesperson says there are no indications that the data has been misused, for example, for phishing, help desk fraud or identity fraud.
The hackers were able to view data such as first and last names and account numbers. According to the bank, customers are not in immediate danger. The bank does point out to its customers that cybercriminals can misuse this data for fraudulent practices. For example, scammers can pose as a bank employee and ask gullible victims to transfer money to their accounts. It is also possible to make unauthorized direct debits.ING Germany is not the only German bank that hackers have attacked. Deutsche Bank, Postbank, Comdirect and Commerzbank also fell victim to the cyber attack on Majorel.
Hackers claim to have stolen data from ‘hundreds’ of companies
The hack is said to have taken place before software developer Progress disclosed the vulnerability in MOVEit Transfer in early June. The Russian hacker group Clop is said to have used this exploit to make ‘hundreds’ of victims.
These include airlines British Airways and Aer Lingus, pharmacy chain Boots, the British broadcaster BBC, the government of the Canadian province of Nova Scotia, the British payroll company Zellis, the University of Rochester, the University of Georgia, investment fund Putnam, various American banks and Gen Digital confirmed that hackers exploited the zero-day exploit in MOVEit Transfer.
Dutch companies are also victims of vulnerability
We know that hackers have attacked three Dutch companies via the Progress application. Landal GreenParks confirmed last month that the private data of about 12,000 holidaymakers may have been stolen. At Shell, the vulnerability in the application was exploited to steal data. No major IT systems would have been affected.
Finally, TomTom confirmed on Tuesday that cyber criminals would have stolen data via the application. Reportedly, 82 GB of data was captured, but the navigation company does not want to confirm that. A spokesperson says that the vulnerability has now been closed and that no data has been stolen that could have a “negative material impact on TomTom or its customers”.