Hackers accessed the data of several thousand ING Germany customers. A vulnerability in the MOVEit Transfer application allowed the attackers to view names and bank account numbers. According to the bank, there are no indications that the captured data was misused. The ING confirms this to the Financieele Dagblad and RTL Nieuws.
An ING spokesman stressed that the bank's own systems were not affected. Instead, the attackers managed to infiltrate the systems of data service provider Majorel. Majorel provides the switching service for customers who want to switch bank accounts. The spokesman let it be known that there is nothing to indicate that the data was misused, for example for phishing, help desk fraud or identity fraud.
The hackers were able to access data such as first and last names and account numbers. According to the bank, customers are therefore not in acute danger. However, the bank does warn its customers that cybercriminals can misuse this data for scams. For example, scammers can pose as bank employees and ask gullible victims to transfer money to their accounts. It is also possible to make unauthorized direct debits.
ING Germany is not the only German bank attacked by hackers. Deutsche Bank, Postbank, Comdirect and Commerzbank were also victims of the Majorel cyber attack.
The hack allegedly occurred before software developer Progress disclosed the vulnerability in MOVEit Transfer in early June. The Russian hacker group Clop allegedly used this exploit to create "hundreds" of victims.
Airline companies British Airways and Aer Lingus, pharmacy chain Boots, British broadcaster BBC, the government of the Canadian province of Nova Scotia, British payroll company Zellis, the University of Rochester, the University of Georgia, investment fund Putnam, several U.S. banks and Gen Digital, among others, have confirmed that hackers abused the zero-day exploit in MOVEit Transfer.
We know of three Dutch companies that have been attacked by hackers via Progress' application. Landal GreenParks confirmed last month that the private data of some 12,000 vacationers may have been captured. At Shell, the vulnerability in the application was exploited to steal data. No important IT systems would have been affected.
Finally, TomTom confirmed Tuesday that cybercriminals allegedly stole data via the application. Reportedly 82 GB of data was captured in the process, but the navigation company would not confirm that. A spokesman did say that the security breach has since been closed and that no data was stolen that could have a "negative material impact on TomTom or its customers."