HONG KONG (Reuters) – Valartis Bank, a Liechtenstein lender, was targeted by a hacker but account statement data was not obtained and no money losses have been identified so far, the Chinese parent of the bank said on Tuesday.
A German newspaper reported on Sunday that customers of the bank were told by unknown blackmailers they must pay a portion of their savings or face having account details sent to finance authorities and the media.
The hackers were demanding 10 percent of the account balances, to be paid in Internet cryptocurrency Bitcoin to help preserve anonymity, Bild am Sonntag said.
Citychamp Watch & Jewellery Group Ltd, which bought a majority stake in the bank from Swiss-listed Valartis Group this year, said in a statement that an investigation by the bank and authorities had confirmed that the core system of bank had not been affected.
“The attacker did not obtain details of the account statement or asset data,” Chief Financial Officer Fong Chi Wah said in the statement. “Possible affected customers have already been informed by the bank.”
Trade in Citychamp’s Hong Kong-listed shares slumped as much as 12 percent in thin trade on Tuesday morning after being suspended on Monday.
The attacker obtained unauthorized access to the bank’s e-banking system and obtained information on payment orders, Citychamp said. Representatives of the bank were not immediately available to confirm details as reported by Bild am Sonntag.
The bank is cooperating with relevant authorities and external specialists have confirmed that the bank’s information technology infrastructure complies with security standards, Citychamp added.
(Reporting by Donny Kwok; Editing by Edwina Gibbs)
Source: SANS ISC SecNewsFeed @ November 28, 2016 at 07:33PM