UniCredit says data attack involved 400,000 clients
A first breach seems to have occurred in September and October 2016 and a second breach which has just been identified in June and July 2017. Data of approximately 400,000 customers in Italy is assumed to have been impacted during these two periods.
No data, such as passwords allowing access to customer accounts or allowing for unauthorised transactions, has been affected, whilst some other personal data and IBAN numbers might have been accessed.
UniCredit has launched an audit and has informed all the relevant authorities.
UniCredit will also file a claim with the Milan Prosecutor's office. The bank has also taken immediate remedial action to close this breach.
UniCredit is investing 2.3 billion euro in upgrading and strengthening its IT systems. ■