There’s a new batch of data that has been leaked on the dark web, allegedly belonging to customers of the state-owned bank of Costa Rica, “Banco BCR.” The hackers, who are the operators of the Maze ransomware, are leaking the data they claim to have acquired from the bank’s systems after they accessed the corporate network twice. As it usually happens with Maze ransomware nowadays, the actors are stealing files and begin the leaking of stolen data, to apply pressure to the victims and force them to pay the requested amount.
In this case, the hackers claim to have stolen 11 million credit card credentials and various data that accompany the holders of these cards. They mention that the data was first accessed in August 2019 and that they decided not to infect the bank's network with ransomware, fearing that the consequences for the people of Costa Rica would be too damaging - implying their moral values stopped them. However, they revisited the bank’s network in February 2020 and saw that Banco BCR’s IT team had done nothing to secure the systems. With the COVID-19 pandemic underway, they decided not to lock the bank’s systems this time either, but they stole a bunch of credit card data.
As the Maze actors point out, they could have exfiltrated more data, but they just opted to grab information that concerns the last couple of years. For now, they have leaked 240 credit card numbers with expiration dates and the corresponding verification codes (CVV), but they have removed the last four digits as a sign of goodwill. They claim to have a total of four million unique card details and that 140,000 of these records belong to customers from the United States.
Not only has the bank failed to secure its systems, but the actors claim to have been unsuccessful in even contacting them in order to determine the ransom amount. There is a defiant and utter lack of any accountability from Banco BCR’s side, and Maze hopes that the publicity that will be generated by the gradual leaks will finally shake the people who are responsible. If you are a customer of Banco BCR, the best thing that you can do right now would be to contact the bank and ask about the incident and whether you have been compromised.