After a Geneva bank refused demands for ransom, a group of hackers publicly posted stolen customer information – and they’re now demanding again to be paid or they’ll release more of the same, Bloomberg reported on Friday.
BCGE’s headquarters in Geneva
After Banque Cantonale de Geneve (BCGE) declined to pay a mere 10,000 euros ($12,000) in ransom, a group calling itself Rex Mundi posted a link to emails with BCGE clients’ names, phone numbers and account numbers, as well as their emails with the bank, Bloomberg wrote.
Rex Mundi is among a growing number of online hackers that demand ransom for stolen information, either from affected companies or individuals whose home computers have been locked by “ransomware,” according to Bloomberg.
“One thing you can say about these guys is that you have to take them very seriously,” security analyst Chase Cunningham told the news service. “If you don’t pay up they are going to try to make you suffer.”
Rex Mundi has conducted similar shakedowns of other companies, after scanning for vulnerabilities in company networks and extracting data , Cunningham said. Bloomberg cited a tweet from the group: “It is easier to get 10 companies to pay 10K than to get 1 company to pay 100K.”
On Thursday, the Geneva bank issued a press release that stated “only certain information transmitted by Internet users, but in no way critical and of no great use or even obsolete, was re-transcribed. The BCGE has implemented additional safeguards. Every customer concerned has been or is in the process of being informed by their bank advisor.”
The bank added that the hacking outside the bank’s “highly-secured perimeters” that would have enabled the hackers to actually steal money from customer accounts.
“Having fully analysed this attack, the BCGE emphasises the robustness of its security system while at the same time insisting on the need for its customers to be cautious when using internet applications,” the bank wrote in its release.
Photo: MHMM5, Wikipedia Commons, CC BY-SA 3.0
