Hacker Selling 40 Million Ukrainian Bank Customer Records

Last updated September 17, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

The largest bank in Ukraine, ‘PrivatBank,’ has had an undisclosed data breach in the recent past, as the sensitive information of a large number of its clients has appeared on popular hacker forums in the form of a purchasable package. The database contains over 40 million records of the bank’s clients, exposing them to phishing, scamming, identity theft, bank fraud, and generally a wide range of exploitation potential.

More specifically, the seller advertises the following details:

Considering that the entire population of Ukraine is 44 million, a significant portion of these records must be duplicates. Another possible explanation is that the bank serves foreigners too, but the seller isn’t mentioning anything like that, and it’s not very probable.

It is noteworthy that the same seller is also offering 93 million data of Mexican citizens (full names, DoBs, addresses), 10 million Ukrainian Vodafone subscriber details, Kyivstar and Lifecell data (13 million and 3 million respectively), Ukrainian and Russian car database (traffic police), 1 million Nova Poshta data, and 7.5 million Ukrainian passports. These, however, are separate offerings sold individually.

Source: KELA

The price tag for the database was set to about $3,400 in Bitcoin, and the number of purchases is unknown. Researchers at CyberNews who checked the provided address confirm that it’s empty. Still, the seller may be using a new address after each sale to maximize their chances of getting to keep at least part of that money, even if some of the addresses get reported.

PrivatBank has had a troublesome past when it comes to cybersecurity, so the data that’s offered for sale right now could be just a repackaging of older leaks. In 2018, it was revealed that the financial institution had fallen victim to a large-scale ten-year fraud that resulted in them losing $5.5 billion.

In 2016, hackers stole $10 million from the bank by exploiting a loophole in the SWIFT system. And in 2014, Russian hackers of the “CyberBerkut” group stole client data and published it on the ‘Vkontakte’ social media platform.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: