The Italian branch of UniCredit just revealed information about a data breach involving the personal records of 3 million clients. This is the third security incident affecting Italy’s top bank in recent years, Reuters reported.
UniCredit Data Breach Affects Millions of Italian Clients
Currently, there is no information how the breach happened, and the internal investigation is ongoing. The Italian police is also working on the case, and are performing checks related to an unauthorized access to the 2015 file to see whether there are any signs of cybercrime.
Apparently, this breach took place in 2015 and is related to a file from the same year containing emails and phone numbers of millions of Italians customers. The bank has spent 2.4 billion euros since 2016 to upgrade its systems and improve their protection mechanisms.
According to UniCredit’s official statement, the breached information didn’t contain any details that would allow access to customer accounts. The compromised data can’t be used to carry out unauthorized financial transactions, either. Affected customers are receiving notifications by post or online.
Initial evidence of the data breach first appeared last Thursday and was then confirmed during the weekend. As a result, UniCredit had to immediately inform all relevant authorities including the police, a spokesman for UniCredit said.
This is not the first case of a data breach affecting UniCredit. In July 2017 the institution announced that it had suffered two security breaches in less than a year. The financial company had been breached in Italy due to unauthorized access. The breach was possible via an Italian third party provider and was related to Italian customer data of personal loans.
In the 2017 breach, data of 400,000 customers in Italy was compromise. No data, such as passwords allowing access to customer accounts or allowing for unauthorised transactions, was affected, whilst some other personal data and IBAN numbers might have been accessed, the company’s statement revealed.