Phone us
Last month Santander Bank confirmed a significant data breach that exposed the details of approximately 30 million customers. The attack, attributed to the hacking group “ShinyHunters,” has raised concerns over the security of customer information and the potential sale of sensitive data on the dark web.
Details of the Breach

On May 14th, Santander disclosed that unauthorised access to a database hosted by a third-party provider had been detected. The bank immediately took steps to contain the incident, including blocking the compromised access and enhancing fraud prevention controls. Despite these efforts, customer information from Santander’s operations in Chile, Spain, and Uruguay had been accessed. Fortunately, data from other Santander markets, including the UK, was unaffected.

The specifics of the accessed data include bank account details, account numbers and balances, credit card numbers, and HR information for employees. ShinyHunters, the group claiming responsibility for the breach, has allegedly posted on hacking forums, boasting about the data haul. It is being reported that the stolen data is being advertised for sale on the dark web.

Impact on Customers and Employees

The breach has not only affected millions of customers but also all of Santander’s 210,000 employees globally, including 20,000 in the UK. However, Santander has assured that the compromised database did not contain transactional data or credentials that would allow unauthorised transactions, such as online banking details and passwords. Customers have been able to continue to transact securely, as the bank’s core banking systems were not impacted.

Inevitably, such incidents are also used by fraudsters to socially engineer customers, using the news of the data breach as a hook to contact potential victims, pretending to be from Santander and offering advice. This can lead to the customer unwittingly authorising transactions to a fraudster’s account, for example, in the belief it is a ‘safe account’ provided by the bank to protect their money.

Third-Party Risks

The breach at Santander, involved unauthorised access to a database hosted by a third-party provider. This incident highlights a growing concern in the industry: the risks associated with third-party service providers. In recent months, several financial institutions have experienced similar breaches. For instance, in February, Bank of America had to warn over 57,000 customers about a data leak resulting from a ransomware attack on one of its technology partners, Infosys McCamish Systems (IMS). In March, Fidelity Investments Life Insurance Company and American Express faced similar breaches involving third-party providers.

Broader Implications for Cyber Security

The Santander cyber hack is another demonstration of the growing threat posed by online criminals to both businesses and consumers. Reports recently suggested ShinyHunters are demanding a £400,000 ransom from Ticketmaster to prevent its data from being sold on the dark web, though the online ticket seller has not acknowledged the breach publicly.

Recent UK corporate targets of cyber attacks include vet group CVS in April, law firm IT provider CTS in November, and outsourcing giant Capita in late 2023. These incidents highlight the pervasive risk of online criminal activity and the significant impact such breaches can have on a company’s reputation.

For financial institutions like Santander, even smaller breaches can significantly undermine customer confidence, which is crucial in the competitive banking arena. The growing cyber hack risk necessitates continuous improvements in cybersecurity measures to protect sensitive information and maintain trust with customers.

AJC’s Cyber Security Solutions

At AJC, we understand the potential risks posed by third-party providers. Businesses must maintain a clear understanding of where their data resides and the systems on which it is stored. Proactive threat assessments and regular reviews of third-party risks should be standard practice to prevent such incidents.

AJC offers a range of cyber security services to help organisations strengthen their defences. From independent reviews of cyber safeguards to expert guidance on cyber security plans and policies, we provide cost-effective solutions tailored to your needs. Our experienced team can also step in as your Chief Information Security Officer (CISO) and offer expert commentary to navigate cyber security incidents effectively. With our services, you can ensure robust cyber security measures without the expense of recruiting a full-time employee. Find out more.

Please contact us on 020 7101 4861 if you think we can help.


Image accreditation: Rodion Kutsaiev (January 2023) from Last accessed on 17th June 2024. Available at:

In case you missed it...

IT Outage
Worldwide IT Outage: Rethinking Resiliency

If you’ve been following today’s news, you'll be aware of the massive IT outage worldwide which has grounded flights, forced some broadcasters off...

Read More
Starting out in the Cyber Security...

Over the past years, AJC has been fortunate to experience considerable growth. As a natural step to support this, AJC...

Read More
Visa Acquirer Monitoring Programme Changes 2024:...

Visa is changing its compliance framework with the updated Visa Acquirer Monitoring Programme (VAMP) which will affect European merchants, acquirers,...

Read More

Get in touch

    By submitting this form you are consenting that your data be handled in accordance with our Privacy Notice and we will be in touch regarding your enquiry.