{"id":24691,"date":"2024-06-14T09:10:10","date_gmt":"2024-06-14T17:10:10","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2024\/06\/14\/news-18421\/"},"modified":"2024-06-14T09:10:10","modified_gmt":"2024-06-14T17:10:10","slug":"news-18421","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/06\/14\/news-18421\/","title":{"rendered":"Truist bank confirms data breach"},"content":{"rendered":"\n<p>On Wednesday June 12, 2024, a <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/06\/advance-auto-parts-customer-data-posted-for-sale\">well-known<\/a> dark web data broker and cybercriminal acting under the name &#8220;Sp1d3r&#8221; offered a significant amount of data allegedly stolen from Truist Bank for sale.<\/p>\n<p>Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC. By assets, it is in the top 10 of US banks. In 2020, Truist provided financial services to about 12 million consumer households.<\/p>\n<p>The online handle of the seller immediately raised the suspicion that this was yet another <a href=\"https:\/\/www.threatdown.com\/blog\/snowflake-breach-looks-like-165-individual-incidents\/\">Snowflake related data breach<\/a>.<\/p>\n<figure class=\"wp-block-image aligncenter size-large is-resized\"><img decoding=\"async\" loading=\"lazy\" width=\"1243\" height=\"497\" src=\"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2024\/06\/Sp1d3r_post.png?w=1024\" alt=\"Sp1d3r offering Truist bank data for sale\" class=\"wp-image-112143\" style=\"width:700px\" \/><figcaption class=\"wp-element-caption\"><em>Post by Sp1d3r on breach forum<\/em><\/figcaption><\/figure>\n<p>The post also mentions Suntrust bank because Truist Bank arose after SunTrust Banks and BB&amp;T (Branch Banking and Trust Company)&nbsp;merged in December 2019. <\/p>\n<p>For the price of $1,000,000, other cybercriminals can allegedly get their hands on:<\/p>\n<ul>\n<li>Employee Records: 65,000 records containing detailed personal and professional information.<\/li>\n<li>Bank Transactions: Data including customer names, account numbers, and balances.<\/li>\n<li>IVR Source Code: Source code for the bank\u2019s Interactive Voice Response (IVR) funds transfer system.<\/li>\n<\/ul>\n<p>IVR is a technology that allows telephone users to interact with a computer-operated telephone system through the use of voice and Dual-tone multi-frequency signaling (DTMF aka Touch-Tone) tones input with a keypad. Access to the source code may enable criminals to find security vulnerabilities they can abuse.<\/p>\n<p>Given the source and the location where the data were offered, we decided at the time to keep an eye on things but not actively report on it. But now a spokesperson for Truist Bank told <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/truist-bank-confirms-data-breach-after-stolen-data-shows-up-on-hacking-forum\/\">BleepingComputer<\/a>:<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cIn October 2023, we experienced a cybersecurity incident that was quickly contained.&#8221;<\/p>\n<\/blockquote>\n<p>Further, the spokesperson stated that after an investigation, the bank notified a small number of clients and denied any connection with Snowflake.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;That incident is not linked to Snowflake. To be clear, we have found no evidence of a Snowflake incident at our company.&#8221;<\/p>\n<\/blockquote>\n<p>But the bank disclosed that based on new information that came up during the investigation, it has started another round of informing affected customers.<\/p>\n<h3 class=\"wp-block-heading\" id=\"h-protecting-yourself-after-a-data-breach\"><strong>Protecting yourself after a data breach<\/strong><\/h3>\n<p>There are some actions you can take if you are, or suspect you may have been, the&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/blog\/personal\/2023\/09\/involved-in-a-data-breach-heres-what-you-need-to-know\">victim of a data breach<\/a>.<\/p>\n<ul>\n<li><strong>Check the vendor\u2019s advice.<\/strong>&nbsp;Every breach is different, so check with the vendor to find out what\u2019s happened and follow any specific advice they offer.<\/li>\n<li><strong>Change your password.<\/strong>&nbsp;You can make a stolen password useless to thieves by changing it. Choose a&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/computer\/how-to-create-a-strong-password\" target=\"_blank\" rel=\"noreferrer noopener\">strong password<\/a>&nbsp;that you don\u2019t use for anything else. Better yet, let a&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/what-is-password-manager\" target=\"_blank\" rel=\"noreferrer noopener\">password manager<\/a>&nbsp;choose one for you.<\/li>\n<li><strong>Enable two-factor authentication (2FA).<\/strong>&nbsp;If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/glossary\/multi-factor-authentication-mfa\" target=\"_blank\" rel=\"noreferrer noopener\">two-factor authentication (2FA)<\/a>&nbsp;can be phished just as easily as a password. 2FA that relies on a FIDO2 device can\u2019t be phished.<\/li>\n<li><strong>Watch out for fake vendors.<\/strong>&nbsp;The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify the&nbsp;identity of anyone who contacts you&nbsp;using a different communication channel.<\/li>\n<li><strong>Take your time.<\/strong>&nbsp;Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.<\/li>\n<li><strong>Consider not storing your card details<\/strong>. It\u2019s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.<\/li>\n<li><strong>Set up identity monitoring.<\/strong>&nbsp;<a href=\"https:\/\/go.cyrus.app\/MN4j\/fkkekmw9\" target=\"_blank\" rel=\"noreferrer noopener\">Identity monitoring<\/a>&nbsp;alerts you if your personal information is found being traded illegally online, and helps you recover after.<\/li>\n<\/ul>\n<h3 class=\"wp-block-heading\" id=\"h-check-your-exposure\"><strong>Check your exposure<\/strong><\/h3>\n<p>While matters are still unclear how much information was involved, it\u2019s likely you\u2019ve had other personal information exposed online in previous data breaches. You can check what personal information of yours has been exposed with our Digital Footprint portal. Just enter your email address (it\u2019s best to submit the one you most frequently use) to our&nbsp;<a href=\"https:\/\/www.malwarebytes.com\/digital-footprint\">free Digital Footprint scan<\/a>&nbsp;and we\u2019ll give you a report.<\/p>\n<div class=\"wp-block-malware-bytes-button mb-button\" id=\"mb-button-7ba16f0b-04e8-4679-9512-2f21a0971dcf\">\n<div class=\"mb-button__row u-justify-content-center\">\n<div class=\"mb-button__item mb-button-item-0\">\n<p class=\"btn-main\"><a href=\"https:\/\/www.malwarebytes.com\/digital-footprint?utm_source=blog&amp;utm_medium=social&amp;utm_campaign=b2c_pro_acq_fy25dfplaunch_171269600960&amp;utm_content=V1\"><\/a><a href=\"https:\/\/www.malwarebytes.com\/digital-footprint\">SCAN NOW<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\" \/>\n<p><strong>We don&#8217;t just report on threats &#8211; we help safeguard your entire digital identit<\/strong>y<\/p>\n<p>Cybersecurity risks should never spread beyond a headline. Protect your\u2014and your family&#8217;s\u2014personal information by using <a href=\"https:\/\/www.malwarebytes.com\/identity-theft-protection\">identity protection<\/a>.<\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/06\/truist-bank-confirms-data-breach\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name &#8220;Sp1d3r&#8221; offered a significant&#8230; <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[11172,32,5897,31535,31536],"class_list":["post-24691","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-data-breach","tag-news","tag-privacy","tag-sp1d3r","tag-truist-bank"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24691","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24691"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24691\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24691"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24691"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24691"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}