Main U.S. industrial financial institution Truist confirmed its programs have been breached in an October 2023 cyberattack after a menace actor posted among the firm’s information on the market on a hacking discussion board.
Headquartered in Charlotte, North Carolina, Truist Financial institution was fashioned after SunTrust Banks and BB&T (Department Banking and Belief Firm) merged in December 2019.
Now a top-10 industrial financial institution with whole belongings of $535 billion, Truist gives a variety of providers, together with shopper and small enterprise banking, industrial banking, company and funding banking, insurance coverage, wealth administration, and funds.
A menace actor (generally known as Sp1d3r) is promoting what they declare is stolen information containing info belonging to 65,000 staff for $1 million, as first noticed by DarkTower intelligence analyst James Hub.
Whereas BleepingComputer couldn’t independently confirm these claims, the info additionally allegedly incorporates financial institution transactions with names, account numbers, balances, and IVR funds switch supply code.
”In October 2023, we experienced a cybersecurity incident that was quickly contained,” a Truist Financial institution spokesperson instructed BleepingComputer when requested to touch upon the menace actor’s claims.
“In partnership with exterior safety consultants, we performed a radical investigation, took further measures to safe our programs, and notified a small variety of purchasers final Fall,
When requested if this was related to the continuing Snowflake assaults, the spokesperson mentioned, “That incident is not linked to Snowflake. To be clear, we have found no evidence of a Snowflake incident at our company.”
“We regularly work with law enforcement and outside cybersecurity experts to help protect our systems and data,” the Truist Financial institution spokesperson added.
“Based on new information from the ongoing investigation of the October 2023 incident, we have notified additional clients. We have found no indication of fraud arising from this incident at this time.”
The identical menace actor additionally sells information stolen from cybersecurity firm Cylance for $750,000, together with databases allegedly containing 34,000,000 buyer and worker emails and personally identifiable info belonging to Cylance prospects, companions, and staff.
Cylance confirmed the legitimacy of their claims, stating that it is previous information (from 2015-2018) stolen from a “third-party platform.”
Sp1d3r additionally beforehand put up on the market 3TB of information belonging to automotive aftermarket elements supplier Advance Auto Components on the identical hacking discussion board, stolen after breaching Advance’s Snowflake account.