Main U.S. industrial financial institution Truist confirmed its programs have been breached in an October 2023 cyberattack after a risk actor posted among the firm’s information on the market on a hacking discussion board.
Headquartered in Charlotte, North Carolina, Truist Financial institution was shaped after SunTrust Banks and BB&T (Department Banking and Belief Firm) merged in December 2019.
Now a top-10 industrial financial institution with complete property of $535 billion, Truist presents a variety of companies, together with shopper and small enterprise banking, industrial banking, company and funding banking, insurance coverage, wealth administration, and funds.
A risk actor (often known as Sp1d3r) is promoting what they declare is stolen information containing info belonging to 65,000 staff for $1 million, as first noticed by DarkTower intelligence analyst James Hub.
Whereas BleepingComputer couldn’t independently confirm these claims, the information additionally allegedly incorporates financial institution transactions with names, account numbers, balances, and IVR funds switch supply code.
”In October 2023, we skilled a cybersecurity incident that was shortly contained,” a Truist Financial institution spokesperson advised BleepingComputer when requested to touch upon the risk actor’s claims.
“In partnership with exterior security consultants, we performed an intensive investigation, took extra measures to safe our programs, and notified a small variety of purchasers final Fall,
When requested if this was linked to the continuing Snowflake assaults, the spokesperson stated, “That incident isn’t linked to Snowflake. To be clear, we have now discovered no proof of a Snowflake incident at our firm.”
“We usually work with legislation enforcement and outdoors cybersecurity consultants to assist shield our programs and information,” the Truist Financial institution spokesperson added.
“Based mostly on new info from the continuing investigation of the October 2023 incident, we have now notified extra purchasers. We have now discovered no indication of fraud arising from this incident presently.”
The identical risk actor additionally sells information stolen from cybersecurity firm Cylance for $750,000, together with databases allegedly containing 34,000,000 buyer and worker emails and personally identifiable info belonging to Cylance clients, companions, and staff.
Cylance confirmed the legitimacy of their claims, stating that it is previous information (from 2015-2018) stolen from a “third-party platform.”
Sp1d3r additionally beforehand put up on the market 3TB of knowledge belonging to automotive aftermarket components supplier Advance Auto Components on the identical hacking discussion board, stolen after breaching Advance’s Snowflake account.
