Skip to main content

Belgian bank Elantis blackmailed by hackers over unencrypted customer data

posted onMay 4, 2012
by l33tdawg

Hackers claimed to have breached the systems of the Belgian credit provider Elantis and threatened to publish confidential customer information if the bank does not pay €150,000 (£122,000) before Friday, May 4, they said in a statement posted to Pastebin. Elantis confirmed the data breach on Thursday, but the bank said it will not give in to extortion threats. 

The hackers claim to have captured login credentials and tables with online loan applications which hold data such as full names, job descriptions, contact information, ID card numbers and income figures. They demanded a payment of "the equivalent of roughly €150,000", with which Elantis could prevent the publication of confidential customer information, they said in a Pastebin post published on Tuesday. According to the hackers the data was stored unprotected and unencrypted on the servers. To prove the hack, parts of what they claimed to be captured customer data were published.

"While this could be called 'blackmail,' we prefer to think of it as an 'idiot tax' for leaving confidential data unprotected on a Web server," they said. The hackers contacted the bank via email last Friday, said Moniek Delvou, spokeswoman for Belfius Bank (formerly known as Dexia), Elantis' parent company. "We assume they possibly captured the data of 3,700 customers," Delvou said, adding that the compromised data could belong to existing and potential customers. Elantis customers were informed of the data breach, according to Delvou.

Source

Tags

Belgium Hackers Encryption Industry News Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th