CIBanco SA Allegedly Struck by REvil Ransomware Operators

According to a research report, cyberattacks on financial institutions have spiked by a massive 238% this year compared to last year. Cybercriminals are taking advantage of the ongoing COVID-19 pandemic. The third annual Modern Bank Heists report revealed that over a quarter (27%) of attacks so far this year have targeted either the healthcare or financial sectors.

The Cyble Research Team identified a breach of a reputed financial institution based in Mexico, CIBanco SA, claimed by the REvil ransomware operators.

Cibanco, S.A., Institución de Banca Múltiple is located in CIUDAD DE MEXICO, Mexico and is part of the Banks & Credit Unions Industry. Cibanco, S.A., Institución de Banca Múltiple has 3,300 employees across all of its locations and has been earning annual revenue of over $150 million. There are 142 companies in the Cibanco, S.A., Institución de Banca Múltiple corporate family.

Below is the disclosure post in which the REvil ransomware operators claim to have breached CIBanco SA:

After analysing the leaked files, the Cyble Research Team identified the following:

  • Currently, the ransomware operators have released part 1 of the data leak, which seems to be pretty small in size but contains sensitive data related to the company. In addition, the REvil group appears to be threatening to publish parts 2 and 3 of the data leak soon.
  • Part 1 of the data leak contains sensitive and confidential company documents, including KYC legal person documents, bureau credit reports, industrial sector analysis reports, and much more.
  • The ransomware operators claim to be in possession of all confidential data about the company’s clients and employees, which they appear ready to start publishing soon if the company does not contact them.

Cyble has been reporting these types of breaches to make individuals aware of the risks associated with using online services.

Tips on how to prevent ransomware attacks:

  • Never click on unverified/unidentified links
  • Do not open untrusted email attachments
  • Only download from sites you trust
  • Never use unfamiliar USBs
  • Use security software and keep it updated
  • Backup your data periodically
  • Isolate the infected system from the network
  • Use mail server content scanning and filtering

It is recommended to follow the above-mentioned prevention methods and never pay the ransom.

About Cyble

Cyble is an Atlanta, US-based, global premium cyber-security firm with tools and capabilities to provide near real-time cyber threat intelligence.

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution, powered by machine learning and human analysis, provides organizations with insights into cyber threats introduced by suppliers and enables them to respond faster and more efficiently.

This monitoring and notification platform gives the average consumer insights into their personal cybersecurity issues, allowing them to take action as needed. It has recently earned accolades from Forbes as one of the top 20 cyber-security companies to watch in 2020.
