Vulnerable Disclosures – a blog that seems to be re-posting some of my work from here and from PHIprivacy.net without any permission or even attribution – posted this:
Russian hackers have posted information on 10 US banks that have been breached in the past week and a half and are threatening to post additional information. Vulnerable Disclosures volunteers have been monitoring the intrusions via our OSINT-X platform and have seen a large uptick in the amount of information being disclosed.
Some of the larger media outlets are choosing not to disclose the breach out of security risk. The banks affected include the following:
- JP Morgan Chase
- First Data
- Suntrust Mortgage
- Several Credit Unions in the US and Canada
Since the disclosure that there were about 9 other financial institutions also impacted besides JPMorgan Chase, many of us have been waiting for the other financial institutions to voluntary disclose their breaches. With today’s post, I think it’s clear that if they don’t disclose voluntarily, Vulnerable Disclosures will likely disclose their breaches and create a PR nightmare for them as to why they didn’t disclose and notify when the customers’ data may have been stolen and marketed in underground markets.
N.B. Emails were sent to FirstData and SunTrust Mortgage asking them to confirm or deny breach, etc. This post will be updated if/when DataBreaches.net receives a response.