Russia’s Sberbank catches internal culprit of data leak
Moscow-based Sberbank has caught the culprit of a potential leak of its customers’ personal data, as reported by cybersecurity company DeviceLock and the national newspaper, Kommersant.
Sberbank announced that the perpetrator was one of its own employees in a statement on 7 October, noting that the leak could have affected at least 200 of its customers. According to the Kommersant report, 200 entries were just a sample offered to potential buyers by an unidentified online seller who claimed to have data on 60 million credit cards, including accounts and cards that have been closed. Sberbank currently has around 18 million active credit card customers.
The investigation, with the help of Russian law enforcement agencies, has ended and determined that the bank’s employee tried to steal the data for personal gain.
The employee, who has confessed and is now facing procedural actions, was a head of one of the bank’s divisions and had access to databases as part of his job and vital clues proving the culrpit’s crime have been collected and documented.
The bank promises “there is no threat of further data leakage now”, after reporting just 200 credit cards as compromised in a statement on 3 October 2019. Sberbank also confirms that the “clients’ funds were safe at all times”.
“On behalf of the entire Sberbank team and myself let me once again apologise profusely to the 200 customers for the incident and to all our clients for any inconvenience this caused,” says Sberbank’s CEO and chairman of the executive board, Herman Gref. “We’ve learned a lot from what happened and we rethought our systems to mitigate the effects of human reliability.” Gref says the bank solved the crime “within hours”.
Sberbank has around 18 million active credit card accounts, so DeviceLock believes that the bulk of the data comprimised could come from closed or defunct accounts.