The Sp1d3r cybercrime gang has struck again, this time targeting Truist Bank and compromising sensitive data on thousands of its employees. Truist Bank, a major US commercial bank resulting from the merger of SunTrust Banks and BB&T in late 2019, boasts $535 billion in assets under management. The bank offers a wide range of services, including consumer and small business banking, commercial banking, corporate and investment banking, insurance, wealth management, and payments.

According to Sp1d3r, they have accessed information on 65,000 employees, including details of bank transactions such as names, account numbers, balances, and IVR funds transfer source code. The cybercriminals are offering this data for sale at a price of $1 million.

The breach is reported to have occurred in October 2023, but Truist Bank only confirmed it recently when the stolen data surfaced online. A spokesperson from Truist Bank stated, ‘In October 2023, we experienced a cybersecurity incident that was quickly contained. In partnership with outside security consultants, we conducted a thorough investigation, implemented additional security measures, and informed a small number of clients last Fall.’

Sp1d3r has been in the limelight for previous data breaches, including selling sensitive data on 358,000 employees of Advance Auto Parts and 380 million customer profiles for $1.5 million. Additionally, they were involved in selling 34 million emails and other personally identifiable information belonging to customers, employees, and partners of cybersecurity firm Cylance for $750,000.

Contrary to speculation linking the breach to data storage provider Snowflake, the Truist Bank spokesperson clarified that there is no evidence of a Snowflake incident at the company. This latest cyberattack serves as a stark reminder of the ongoing threats posed by cybercriminals targeting major corporations and their employees.