International bank Santander hit by data breach in Spain, Chile, and Uruguay

International bank Santander is reeling from a data breach that has impacted customers and employees in Spain, Chile, and Uruguay. The breach occurred through a database hosted by an external provider, leading to unauthorized access to sensitive information.

Although Santander assured the public that its internal systems remain unaffected, the breach exposed customer data as well as information belonging to current and former employees. The extent of the breach, including the number of affected individuals, is still unknown.

Security experts like Thomas Richards from Synopys Software Integrity Group are emphasizing the need for financial institutions to impose stricter security measures on third-party providers. This includes conducting penetration testing, red teaming, and threat modeling to identify vulnerabilities and prevent unauthorized access.

Erfan Shadabi, a Cybersecurity Expert at comforte AG, suggests implementing a zero-trust architecture and data-centric security measures like tokenization and encryption to mitigate future risks. These measures aim to safeguard sensitive information and render it unusable to unauthorized parties in the event of a breach.

The incident underscores the importance of robust vetting processes for external providers and continuous monitoring to prevent data breaches. As the financial industry confronts evolving cybersecurity threats, institutions must prioritize the security of customer and employee information to maintain trust and confidence in the digital age.