Santander hacked: are online UK banking customers affected by hack, as Ticketmaster also hit - change password

Santander has fallen victim to a cyber attack, resulting in hackers gaining access to data on all of its employees and millions of international customers, the bank has confirmed.

The same hacking group is believed to be responsible for a similar data breach at Ticketmaster that occurred earlier this week.

The bank said the breach involved information about all current and some former Santander employees, along with customers in Spain, Chile and Uruguay.

“No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords,” it said.

It also stressed that its banking systems were not affected and customers could continue to “transact securely”.

Read more - Ticketmaster hack: Live Nation Entertainment hit by massive breach

Santander employs about 200,000 people worldwide, including around 20,000 in the UK. No customer data in the UK, or any other of its markets, were affected.

According to reports, the ShinyHunters hacking group claimed responsibility for the cyber attack and said it had stolen the personal details of millions of people.

Dark Web Informer, researchers who expose threat alerts and breaches, said ShinyHunters was allegedly selling access to Santander’s database for two million US dollars (£1.6 million) to a “one time” buyer.

The hackers said Santander was “also very welcome” to buy the data themselves. Santander has not commented on the accuracy of these claims.

As mentioned, Ticketmaster experienced a similar cyber attack earlier this week, with the hackers allegedly offering to sell customer data on the dark web.

The ShinyHunters group is believed to be behind both incidents, and is reportedly demanding a ransom of approximately £400,000 to prevent the Ticketmaster data from being sold.

The group reportedly accessed the names, addresses, phone numbers, and partial payment details of 560 million customers.

Despite a few days of silence, Ticketmaster eventually confirmed the incident had taken place through a filing to the US Securities and Exchange Commission filed by Live Nation, its parent company.

It said: “On 27 May 2024, a criminal threat actor offered what it alleged to be Company user data for sale via the dark web. We are working to mitigate risk to our users and the Company, and have notified and are cooperating with law enforcement.

The company added: “As of the date of this filing, the incident has not had, and we do not believe it is reasonably likely to have, a material impact on our overall business operations or on our financial condition or results of operations. We continue to evaluate the risks and our remediation efforts are ongoing.”

According to reports, authorities in Australia and the US are engaging with Ticketmaster to understand and respond to the incident.

If you are worried that you’ve been affected by the Ticketmaster hack, you may want to change your account password.

To change your Ticketmaster password, follow these steps:

• Visit the Ticketmaster website and log in to your account.
• Once logged in, navigate to your account settings. This is typically found by clicking on your name or profile icon.
• Look for an option like "Change Password" or "Security Settings." Click on it to proceed.
• You'll likely need to enter your current password for verification purposes. Then, enter your new password in the designated fields.
• After entering your new password, confirm the changes. Some platforms may ask you to re-enter the new password to ensure it matches.
• Once confirmed, save the changes to update your Ticketmaster password.