Skip to content
City PM
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
Friday 31 May 2024 3:33 pm

Santander data breach: 30m account and credit card details up for sale on dark web

By: Jack Mendel

Add as a preferred source on Google
Santander said data managed by an external party was accessed without authorisation
Santander said data managed by an external party was accessed without authorisation.

According to reports, Santander customer and staff data has been put up for sale on the dark web.

The details relate to the data leak reported earlier in May. Data leaked included HR details for staff, 30m customers’ bank account details, and 28m credit card numbers.

The bank, which is the eurozone’s second-largest lender, has around 210,000 staff worldwide, according to its latest quarterly report.

On 14 May Santander acknowledged the data breach had taken place, saying in a statement it “recently became aware of an unauthorized access to a Santander database hosted by a third-party provider.”

“We immediately implemented measures to contain the incident, including blocking the compromised access to the database and establishing additional fraud prevention controls to protect affected customers.”

The details leaked were limited to the group’s customers in Chile, Spain and Uruguay. However, the employee data leak appeared to have been more widespread. The group said data of “current and some former Santander employees of the group had been accessed.”

The BBC said the selling on of this data was noticed on a hacking forum – spotted by researchers at Dark Web Informer.

A group called Shinyhunters posted an advert claiming to have the data.

Santander declined comment on the claim the information is being put up for sale, when approached by City PM

The statement on 14 May said: “No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords. The bank’s operations and systems are not affected, so customers can continue to transact securely.”

Read more

EY grad sacked down under for allegedly accessing PM’s bank account

EY London headquarters building exterior on a sunny day, showcasing modern architecture in the citys business district

“We apologise for the concern this will understandably cause and are proactively contacting affected customers and employees directly. We have also notified regulators and law enforcement and will continue to work closely with them.”

What should you do?

Following the data breach and reports the details have been put up for sale on the dark web, experts were eager to analyse its impact.

Vonny Gamot, Head of EMEA at online protection company, McAfee, said there were a number of things people could do to protect themselves, including watching out for phishing scams and the increased use of AI.

“Strong and unique passwords are a must, which means never reusing a password for multiple accounts, apps and platforms. Using a password manager will help you keep on top of it all. 

“While a strong and unique password is a good first line of defence, enabling two-factor authentication across your accounts will help provide an extra layer of protection. 

“Recent advances in AI have helped make scams more convincing, removing the traditional hallmarks like misspelled words and bad grammar. However, one crucial tell-tale sign remains – a pressure to act, fast. 

Vonny Gamot

“Regularly monitor your accounts for any unfamiliar or unauthorised activity, such as attempted logins, messages sent from your account or transactions you didn’t make. If there is something suspicious, report it immediately. 

“And keep an eye out for an influx of phishing attacks and scams, which is common following a high-profile data breach such as this. 

“It could be an email or a text message directing you to a fake site designed to steal your personal info – either by tricking you into providing it or by stealing it without your knowledge.

“It’s always wise to keep a sceptical eye open with any requests for money or info. But if you’re ever in doubt over the legitimacy of an email or link, don’t engage with it and go directly to the source.” 

Read more

‘Why single out banks?’: Santander chief hits out at UK tax regime

Ana Botín, CEO of Santander, speaking at a business conference, addressing financial strategies and global market trends.

Share this article

  • Facebook
  • X
  • LinkedIn
  • WhatsApp
  • Email

Similarly tagged content:

Sections

  • News

Categories

  • Banking

People & Organisations

  • cycbersecurity
  • dark web
  • data breach
  • data leak
  • Santander
  • Santander data breach

Related Topics

  • Santander

Trending Articles

  • Burnham tax plans spark investor rush to bank capital gains

  • Brewdog chief executive quits after only one year

  • Nothing fails to file accounts months after dissolution threat

  • UK ‘no longer a serious place’ says Hedge fund boss after losing £200m tax battle

  • Cruyff turn: Starmer allows pubs to stay open for England World Cup game

More from City PM

  • EY grad sacked down under for allegedly accessing PM’s bank account

    Big Four
    EY London headquarters building exterior on a sunny day, showcasing modern architecture in the citys business district
  • ‘Why single out banks?’: Santander chief hits out at UK tax regime

    Banking
    Ana Botín, CEO of Santander, speaking at a business conference, addressing financial strategies and global market trends.
  • Santander: Fans to spend thousands watching World Cup from Britain

    Sport Business
    Business professionals discussing strategy in a modern office setting with a cityscape view through large windows
  • Exclusive: Santander’s Ebury eyes £100m Lumon takeover

    Fintech
    Consultancy sector and AI
  • City launches new Digital ID framework against AI fraud

    Tech
    The City PM Awards
  • Motor finance revs up City watchdog’s PR spend

    Regulation
    Close Brothers has been swallowed up in the motor finance saga.
  • Barclays and Lloyds join banking sector plan for digital ID

    Banking
    Banking app interface showing financial transactions and account balance on a smartphone screen, emphasizing digital finan...
  • For all their charm, digital banks still leave me tearing my hair out

    Opinion
    Digital bank interface showing user-friendly dashboard with financial analytics and transaction history on a modern screen

City PM — European politics, business and analysis.

Europe

  • Germany
  • France
  • Europe
  • UK & Ireland

Topics

  • Business
  • Markets
  • AI
  • Technology
  • Opinion
  • Energy

More

  • Politics
  • Economics
  • Fintech
  • Legal
  • Sport
  • Life

Company

  • About City PM
  • Editorial Policy
  • Corrections
  • Contact
  • Terms of Use
  • Privacy Policy
  • Cookie Policy
© 2026 City PM · Published by CityPM Media, Bahnhofstrasse 65, 8001 Zürich, Switzerland
About · Editorial Policy · Corrections · Contact · Privacy