Nearly half a million clients of UniCredit – one of Italy’s largest banking institutions – have potentially had their private banking transactions looked at by hackers. The data theft is the biggest so far in Italy.
The bank just discovered that it was a victim of two separate attacks earlier this year. So far, UniCredit is assuring clients that although someone may have looked at their online activities – the same individuals did not take a look at their passwords. It also seems that the attack happened via one of the bank’s external suppliers.
The list of unknowns about the hacking attack is much longer than the known ones. UniCredit does not know who did the hacking. They haven’t said how this hack was technically pulled off — whether this was through an insider or through a vulnerability. And they also don’t know what the objectives of the hackers were – whether they were after the private data of 400,000 UniCredit customers alone, were they trying to siphon funds from selected accounts, or were black hats who hacked the bank just to see if they could do it.
UniCredit customers are a little nervous – and they should be. But better than being nervous is proactively working to ensure that your device – and your data – is as secure as possible. This means double-checking the following points: