The first paragraph says:
Truist Bank, a leading U.S. commercial bank, confirmed this week that its systems were breached in an October 2023 cyberattack after a threat actor posted some of the company’s data for sale on a hacking forum.
We’ve learned they are headquartered in North Carolina.
A later paragraph names a potential actor.
A threat actor (known as Sp1d3r) is selling what they claim is stolen data containing information belonging to 65,000 employees for $1 million, as first spotted by DarkTower intelligence analyst James Hub.
It continues:
?”In October 2023, we experienced a cybersecurity incident that was quickly contained,” a Truist Bank spokesperson told BleepingComputer when asked to comment on the threat actor’s claims.
“In partnership with outside security consultants, we conducted a thorough investigation, took additional measures to secure our systems, and notified a small number of clients last Fall,
They claim their breach is not connected to the ongoing Snowflake fiasco we continue to learn about.
The same threat actor also sells data stolen from cybersecurity company Cylance for $750,000, including databases allegedly containing 34,000,000 customer and employee emails and personally identifiable information belonging to Cylance customers, partners, and employees.
Cylance confirmed the legitimacy of their claims, stating that it’s old data (from 2015-2018) stolen from a “third-party platform.”
The final paragraph says:
Sp1d3r also previously put up for sale 3TB of data belonging to automotive aftermarket parts provider Advance Auto Parts on the same hacking forum, stolen from Advance’s Snowflake account.
Truist Bank confirms breach after stolen data shows up on hacking forum is the article.
Truist merged from Sun Trust and another bank which is mentioned.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.