Santander hit by data breach in Spain, Chile and Uruguay

International bank Santander has been hit by a data breach in Spain, Chile and Uruguay.

The Spain-based bank said some customer and employee data in a database hosted by an outside provider was accessed by an unauthorised party but that the bank’s own operations and systems have not been affected.

The bank said in a statement that the data was from customers in Spain, Chile and Uruguay, as well as from current and some former employees. It is not known how many clients were affected.

Thomas Richards, Principal Consultant at the Synopys Software Integrity Group, said: “This incident highlights the trend of third party providers undergoing additional security scrutiny. Over the past few years there have been several instances of compromise where the root cause was a security issue from a third party. Financial institutions are going to require more from their vendors to undergo security reviews and make improvements to better protect information being stored outside of their control.

“These reviews will most likely take the form of penetration testing, red teaming and threat modeling. If they don’t already, the financial institutions will require these vendors to be either SOC II or ISO 27001 certified as a baseline of security standards.”

Erfan Shadabi, Cybersecurity Expert at comforte AG, said: “Outside providers can often be a source of breaches, necessitating robust vetting processes and continuous monitoring. To mitigate these risks, implementing a zero-trust architecture is essential. This approach operates on the principle of verifying every access attempt as if it originated from an open network, thereby reducing the likelihood of unauthorised access.

“Moreover, adopting data-centric security measures, such as tokenisation and encryption, is crucial. These techniques ensure that even if a breach occurs, the data remains protected and unusable to unauthorised parties. By focusing on securing the data itself, organisations can provide an additional layer of defence that safeguards sensitive information regardless of the breach’s origin.”