Truist Bank confirms data breach after stolen data appears online
The cybercrime gang Sp1d3r is making quite a name for itself as it now sells sensitive data on thousands of Truist bank employees.
Truist is a major US commercial bank founded in late 2019 following the merger of SunTrust Banks and BB&T, and now has $535 billion in assets under management (assets under management). It offers various banking services, from consumer and small business banking, commercial banking, corporate and investment banking, to insurance, wealth management and payments.
Sp1d3r says they stole information on 65,000 employees, including bank transactions containing names, account numbers, balances and the source code of the IVR transfers. The going price is $1 million.
No connection to Snowflake
The breach apparently happened in October 2023, but Truist only confirmed this now, when the data went on sale.
“In October 2023, we experienced a cybersecurity incident that was quickly contained,” a Truist Bank spokesperson said. BleepingComputer. “Working with external security advisors, we conducted a thorough investigation, took additional measures to secure our systems and notified a small number of customers last fall.
For those unfamiliar with the name Sp1d3r, it’s a threat actor that recently sold sensitive data on 358,000 employees of top US automaker Advance Auto Parts, as well as 380 million customer profiles, and plenty of other information. The going price was $1.5 million.
Sp1d3r also sold 34 million emails and other personally identifiable information (PII) from customers, employees and partners of cybersecurity giant Cylance, for $750,000.
Since Sp1d3r’s breach of Advance Auto Parts occurred through data storage provider Snowflake, the media speculated that the same could be the case here. However, Truist’s spokesperson confirmed that this had nothing to do with Snowflake.
“To be clear, we have found no evidence of a Snowflake incident at our company.”