Cyber Security Solutions, Compliance, and Consulting Services - IT Security

We offer It security management, data, network, & Information security services for protecting information & mitigating security risks to your organization.

40 Million User Records from Largest Commercial Bank in Ukraine Sold Online

cyber security

An anonymous individual posted an offer on a popular hacking forum where the threat actor was selling the database of PrivatBank, Ukraine’s largest commercial bank. The database in question was 40 million records strong, which PrivatBank denies being it’s own. 

Following an investigation by the Ukrainian bank, their representatives claimed the offer to be a fraudulent scam made up of publicly available pooled resources by fraudsters who have never possessed any of the Ukrainian banks’ or financial institutions’ data.

A Look into the ‘Stolen’ Database 

The 40 million records contained within the supposedly breached database followed the following data field items: 

  • Date of Birth
  • Full Name
  • Place of Birth 
  • Family Status 
  • Passport Information 
  • Car Availability 
  • Taxpayer Identification Number (TIN)
  • Phone Number 
  • Education History 
  • Viber Contacts (if applicable)

The poster of that sale even showed two samples from the data set following the data scheme given above. The anonymous author of the post demanded $3,400 in bitcoin to be transferred into their bitcoin wallet as a form of payment. Upon checking the account, it supposedly showed that no purchase of the database had taken place, but it’s likely that a new bitcoin wallet was created for every transaction, an operation that can be executed automatically. 

PrivatBank: A History of Similar Troubles 

Although the Ukrainian bank denies the poster’s claims of successfully stealing 40 million of the bank’s user records, it does have a rather damning history of encounters with cybercrime. 

  • In retaliation to a $10,000 bounty offered by a PrivatBank partner to capture Ukraine-based Russian militants, a pro-Russian hacker group going by the name of CyberBerkut claimed responsibility for mining customer data from the bank in 2014 and posting it on VKontakte, a Russian social media platform.
  • In 2014, Green Dragon, another group of hackers reportedly orchestrated a DDoS attack on the back and even stealing some customer data in the process.
  • In 2016, hackers had reportedly exploited a critical loophole in the SWIFT international banking system to steal $10 million from PrivatBank.
  • The bank was even nationalized in 2016, when it had 20 million customers, to ‘protect deposits in the bank’ and ‘rescue the financial system’.
  • A US corporate investigations company generated a report in 2018 that the bank was even subjected to a coordinated, large-scale fraud that lasted 10 years till ending in December 2016. PrivatBank has suffered at least $5.5 billion in losses due to this mega-fraud.

PrivatBank claimed that all of their user data was protected by multiple layers of security that rendered the theft of data virtually impossible. Moreover, and more importantly, the 40 million figure of supposedly stolen records was quite larger than the number of adults living in Ukraine.  

What Should the Customer Do in These Cases?  

  • Using online leak checkers to confirm if their accounts are breach free
  • Change passwords regularly
  • Watch suspicious emails
  • Two factor-authentication systems
  • Employ identity theft monitoring systems