The most recent network attack was carried out recently on two Canadian banks, the BMO and Simplii who were said to be the targets in this unfortunate incident.
As reported, it was said that the cybercriminals made away with details of over 90,000 customers combined. Having the upper hand, the hackers then demanded a sum of $1 million worth of Ripple (XRP) cryptocurrencies before they could delete the information stolen.
For how long the details had been bridged, no one knows but reports showed that the attackers called the banks attention to what had happened. In the attack, it was said that personal details belonging to a lot of account holders in these banks such as their names, passwords, account numbers, balances, and social insurance numbers were copied from their servers.
The attackers were said to use an algorithm which quickly validated short numeric sequences like credit card details. With this algorithm, it was easy to pose as account holders who were trying to recover a forgotten password.
In their words, they said:
“They were giving too much permission to a half-authenticated account which enabled us to grab all these information. [The bank] was not checking if a password was valid until the security question was input correctly.”
In the email sent to the banks, it was clearly stated that the attackers said they would leak the copied information to fraudulent forums and community and probably the dark web if the end of the day did not pay the stated amount for ransom, 28th of May.
As reported by CBC News Agency when trying to confirm if the payment was made as asked. BMO confirmed that their bank policies don’t allow negotiating with criminals.
“Our practice is not to make payments to fraudsters. We are focused on protecting and helping our customers.”
A spokesperson from Simplii Bank also said:
“We are continuing to work with cybersecurity experts, law enforcement, and others to protect our Simplii clients’ data and interests.”
The banks have since contacted the victims who their information was bridged, and reports say that most of the customers contacted were very distressed by what happened. Most especially, they were bothered that such loopholes would exist which could lead to such occurrence.
It’s still unclear until now why the cyber attackers haven’t asked for other cryptocurrencies which were worth way more than the Ripple. But it’s certain they had demanded cryptocurrencies because of it’s untraceable and anonymity features.