Italian Bank “UniCredit” Reveals Breach that Affects 3 Million Clients

Last updated September 17, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

“UniCredit”, the Italian financial services and global banking company, has informed the public of a data breach that concerns a single file generated back in 2015. All of the customer details that have been exposed due to this incident concern Italian clients and the estimated number of affected individuals is approximately three million. The banking giant now promises to alert their clients individually, sending them notifications via post and also email. At this moment, UniCredit is carrying out an internal investigation, so not many details about what exactly has happened were disclosed.

According to the organization, no account credentials or other kinds of highly sensitive information have been compromised, so no one can access customer accounts or carry out unauthorized financial transactions. What was exposed is phone numbers and emails, opening up the potential for phishing attacks. Client names were not included in the file, but most email addresses denote the owner’s real name, so there’s a significant risk for the three million individuals. UniCredit realized what happened on Thursday, and confirmed the incident over the weekend while informing the police and the personal data protection agencies in the country.

One notable element is the fact that UniCredit fell victim to a cyber-attack back in October 2016, which affected almost half a million customers. Back then, the bank decided to invest 2.4 billion Euros in upgrading its IT systems and strengthening its security. However, a hacker managed to compromise the bank-firm again during the summer of 2017, stealing the PII and IBANs of hundreds of thousands again. Now, the news about this breach that affects mostly older clients comes only a few months after UniCredit upgraded their client identification process and strengthened its payment transaction system even further. Maybe this was the reason why this latest incident had a somewhat limited impact.

Terence Jackson, Chief Information Security Officer at Thycotic (PAM solutions), has provided us with the following comment about this incident, and in conjunction with the recent Adobe breach:

“On the surface, it appears that both of these incidents could be related to misconfigurations in cloud services. According to a Gartner Analyst, if the underlying cloud infrastructure is secure, then responsibility for cloud breach must lie with the cloud customer. Through 2022, at least 95% of cloud security failures will be the customer’s fault. There must be additional controls implemented to minimize the occurrence of misconfigurations and additional countermeasures deployed to make sure secure baselines are not changed.”

Do you have anything to comment on the above? Feel free to do just that in the section down below, or on our socials, on Facebook and Twitter.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: