HSBC & Barclays Data Breach: 2.2 Million Records Exposed

Threat Actor: @IntelBroker and @Sanggiero | IntelBroker and Sanggiero
Victim: HSBC & Barclays | HSBC & Barclays
Price: Not specified
Exfiltrated Data Type: Database Files, Cert files, Source Code, SQL files, JSON config files, and Compiled Jar files.

Additional Information :

  • The breach occurred in April 2024.
  • The breach originated from a direct contractor of both banks.
  • Doubts persist regarding the veracity of the data shared by the threat actors.
  • The compromised data includes various types of files containing sensitive information.
  • Files made available for download include notary_request_2024.csv, ledger_summary_2024.csv, transaction_2024.csv, and notification_2024.csv.
  • Strengthening supply chain resilience and implementing robust security measures are crucial to prevent cyber incidents.
  • Companies should be aware of the security measures in place at the companies they collaborate with.

In a recent cyber incident, financial giants HSBC & Barclays have fallen victim to a significant data breach, exposing sensitive information to potential exploitation. The breach, which occurred in April 2024, originated from a breach within a direct contractor of both banks, allegedly orchestrated by individuals identified as @IntelBroker and @Sanggiero. This actors’ popularity and the frequency of their attacks are high, yet doubts persist regarding the veracity of the data they sharing.

The compromised data, which includes Database Files, Cert files, Source Code, SQL files, JSON config files, and Compiled Jar files. This data poses a serious threat to the privacy and security of both customers and the banks themselves.

Among the files made available for download are:

  • notary_request_2024.csv: 512K lines containing “reg_id,” “updated_ts,” “reg_id,” “created_ts,” and more.
  • ledger_summary_2024.csv: 241K lines with “primary_account_number,” “message_code,” “opening_balance,” “transaction_type,” and more.
  • transaction_2024.csv: 1 million lines featuring “transaction_number,” “transaction_id,” “code,” “amount,” and more.
  • notification_2024.csv: 501K lines comprising “user_id,” “event_id,” “is_delivered,” “is_action_complete,” and more.

Strengthening supply chain resilience through robust security measures and continuous monitoring is essential to prevent cyber incidents from spreading across interconnected networks. Companies need to be aware of the security measures in place at the companies they collaborate with, especially when they are involved in joint projects.

Original Source: https://dailydarkweb.net/threat-actors-allegedly-breached-hsbc-barclays-data-exposing-2-2-million-records/