Details of The Story
As reported by Bleeping Computer, Truist Bank, which is a leading commercial bank in the United States, confirmed this week that its systems were breached in an October 2023 cyberattack resulting in a threat actor posting some of the company’s data for sale on a hacking forum.
Headquartered in Charlotte, North Carolina, Truist Bank was formed after SunTrust Banks and BB&T merged in December 2019. Now a top-10 commercial bank with total assets of $535 billion, Truist offers a wide range of services, including consumer and small business banking, commercial banking, corporate and investment banking, insurance, wealth management, and payments.
The threat actor, known as Sp1d3r, is selling what he claims is stolen data containing information belonging to 65,000 employees for $1 million, which was first spotted by DarkTower intelligence analyst James Hub, the data also allegedly contains bank transactions with names, account numbers, balances, and source code for Truist Bank’s Interactive Voice Response (IVR) automated phone system for transferring funds.
Truists says that they quickly contained the breach, and through a partnership with outside security consultants conducted a thorough investigation, took additional measures to secure their systems, and notified a small number of clients. Truist has also confirmed that this incident is not linked to Snowflake, which has had a large number of customers breached.
The same threat actor also sold data stolen from cybersecurity company Cylance for $750,000, including databases allegedly containing 34,000,000 customer and employee emails and personally identifiable information belonging to Cylance customers, partners, and employees. Cylance confirmed the legitimacy of their claims, stating that it’s old data (from 2015-2018) stolen from a “third-party platform.” Sp1d3r also previously put up for sale 3TB of data belonging to automotive aftermarket parts provider Advance Auto Parts on the same hacking forum, stolen from their Snowflake account.
The Truist Bank breach underscores the ongoing challenges financial institutions face in securing their systems and protecting sensitive information. As cyber threats continue to evolve, organizations must prioritize proactive cybersecurity solutions in their cybersecurity efforts to make sure that threats are remediated before they can be exploited.
