Third-party database hack exposes Santaander's US employees' bank account details, according to the bank's warning
In a recent development, Santander Bank has announced plans to notify customers, employees, and regulators about a data breach that occurred on April 17 and was discovered on May 10. The breach involved employee data used for direct deposits, occurring between late April and early May.
According to reports, a total of 12,786 people were impacted by the breach, but it is not yet clear whether the affected individuals only include U.S. employees or if others were affected as well. The unauthorized access to the systems was blocked immediately after the breach was discovered.
The breach comes amidst claims made by the threat group ShinyHunters that they had gained access to data belonging to 30 million Santander customers. However, Aviral Verma, a lead threat intelligence analyst at Securin, has expressed doubt about ShinyHunters' involvement in the Santander breach.
As of July 2025, no authoritative information naming the party responsible for the Santander Bank data breach has been publicly disclosed. The available information instead focuses on scam trends affecting Santander customers, fraud operations within Santander, and general data security enforcement by the U.S. Department of Justice. None of the sources mention an identified perpetrator or group behind the breach.
In a statement, Santander Bank warned thousands of U.S. employees about a potential data breach. The third-party database did not contain any transactional data or account credentials. It is important to note that this is not the first time Santander has faced a data breach. In a previous incident, the bank announced that customers of Santander Chile, Uruguay, and Spain were also impacted by a third-party database hack. This previous hack also affected all current employees worldwide and some former workers.
Santander Bank has not yet released a statement regarding the current data breach, but they have assured customers and employees that they are taking the necessary steps to protect their data and prevent future breaches. The bank encourages anyone who believes they may have been affected by the breach to contact them directly for more information.
As the investigation into the Santander Bank data breach continues, it is crucial for individuals and organisations to remain vigilant and take the necessary precautions to protect their data. This includes regularly updating passwords, monitoring account activity, and staying informed about the latest scams and threats.
[1] Source 1 [2] Source 2 [3] Source 3
- This latest data breach at Santander Bank requires immediate attention from the cybersecurity sector, given the sensitive nature of the employee data involved and the potential risks to the bank's finances and business operations.
- As the threat intelligence community continues to monitor cyber threats against financial institutions, the ongoing Santander Bank data breach is a reminder of the critical role technology plays in safeguarding both business and personal data.
