Russian hackers may have obtained customer data from NBU online store
A potential leak of personal data of users of the National Bank of Ukraine's online store occurred after a cyberattack on a contractor. A dump with hundreds of thousands of records containing customer contacts and other proprietary information was made public.
What is known about the incident
According to the available data, the criminals gained access to the user database of an online numismatic store.
The leak allegedly contains 266,999 lines, Among them:
customer email addresses;
phone numbers;
hashed account passwords;
other registration information.
This is the data that users entered when creating accounts in the store.
The NBU's position
The National Bank of Ukraine reported that the online store is temporarily unavailable due to cyber attack on a contractor company.
At the same time, the regulator emphasises:
customer financial data is not compromised;
banking systems and payment infrastructure are operating as normal;
the incident is investigated and its consequences are addressed.
The NBU explains that such attacks on supply chains are common in the world of cybercrime.
Risks for users
Although there is no leakage of payment information, the collected contact details can be used to:
phishing emails and messages;
telephone fraud schemes;
attempts to obtain additional personal information.
The National Bank emphasises that its employees do not send letters requesting data confirmation, do not call for card details і do not ask to make payments by alternative means.
Context.
Cyberattacks on contractors of state institutions and large companies remain one of the key tools of the hybrid war against Ukraine.
Such incidents are regularly used for data collection, information pressure and fraudulent campaigns.
Ukrainian
English