Third-party data breach at Santander impacts thousands of employees

A third-party-run database at Santander has suffered a breach impacting both customers and employees at the bank.

After an investigation, Santander found that customer data in Chile, Spain and Uruguay was accessed during the breach, while all of the bank’s current employees across the group were impacted by the incident.

Santander currently has more than 211,000 employees around the world.

Some ex-staff members also had their information accessed in the breach.

"We recently became aware of an unauthorised access to a Santander database hosted by a third-party provider," said the bank in a statement. "We immediately implemented measures to contain the incident, including blocking the compromised access to the database and establishing additional fraud prevention controls to protect affected customers."

The Spanish bank assured customers that no transactional data or credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords.

None of Santander's operations or systems were impacted by the data breach.

"We apologise for the concern this will understandably cause and are proactively contacting affected customers and employees directly," continued Santander. "We have also notified regulators and law enforcement and will continue to work closely with them."

Guy Golan, chief executive and executive chairman of UK cyber firm Performanta, told FStech that while Santander has done the right thing by issuing a statement on the incident, the bank has fallen short on establishing who was responsible for the breach.

"The issue is the confusion on third parties," he said. "Santander has not established who the third parties are, whether they themselves were malicious or not or how access was made."

The chief executive praised the bank for mentioning mitigating factors and database monitoring, however explained that as Santander is a multinational bank it's likely these methods have been in place for a long period.

"Their ability to respond proactively has been lacking which means Santander has not been able to truly defend itself from future attacks; the bank only responds what has already happened and caused damage," he continued. "Early detection was certainly a positive in this case, but it relies too much on luck."

Santander declined FStech's request for further comment.



Share Story:

Recent Stories


Data trust in the AI era: Building customer confidence through responsible banking
In the second episode of FStech’s three-part video podcast series sponsored by HCLTech, Sudip Lahiri, Executive Vice President & Head of Financial Services for Europe & UKI at HCLTech examines the critical relationship between data trust, transparency, and responsible AI implementation in financial services.

Banking's GenAI evolution: Beyond the hype, building the future
In the first episode of a three-part video podcast series sponsored by HCLTech, Sudip Lahiri, Executive Vice President & Head of Financial Services for Europe & UKI at HCLTech explores how financial institutions can navigate the transformative potential of Generative AI while building lasting foundations for innovation.

Beyond compliance: Building unshakeable operational resilience in financial services
In today's rapidly evolving financial landscape, operational resilience has become a critical focus for institutions worldwide. As regulatory requirements grow more complex and cyber threats, particularly ransomware, become increasingly sophisticated, financial services providers must adapt and strengthen their defences. The intersection of compliance, technology, and security presents both challenges and opportunities.

Unleashing generative AI: A force multiplier for financial crime teams
This FStech webinar, sponsored by NICE Actimize sees industry experts examine the revolutionary impact of generative AI on financial crime operations, and provides actionable insights to enhance your compliance strategies.