According to the Dutch bank, a low four-digit number of customers who used the statutory account switch were affected by a hacker attack at a service provider.
(Photo: REUTERS)
Frankfurt A data leak at an account switching service provider affects thousands of bank customers in Germany. In addition to Deutsche Bank and Postbank, this also applies to Comdirect and ING, as the financial institutions confirmed to the Handelsblatt.
ING, for example, announced that it was aware that a hacker attack had recently been carried out on a service provider with which the bank works as part of the statutory account switching assistance. “According to the current state of knowledge, a low four-digit number of customers who have used the statutory account switching assistance when opening a current account with us are affected.”
“Unauthorized persons” had access to personal data processed by the account switching service provider. According to the current state of knowledge, only the statutory account switching assistance is affected, but not the “account switching service, which we use much more frequently,” emphasized ING.
Deutsche Bank and Postbank announced on Friday that hackers had stolen the name and account number of an undisclosed number of customers. Criminals cannot gain access to bank accounts with names and account numbers alone. However, you can try to initiate unauthorized direct debits. The name and bank details are often sufficient for this. However, a customer can reclaim such debits from the bank up to 13 months later, Deutsche Bank said.
Neither Deutsche Bank nor ING wanted to name the service provider concerned. According to industry circles, however, both institutes work together with Majorel Germany, a service company for customer service in which Bertelsmann has a significant stake and which also includes at least one account switching provider. Bertelsmann sold its almost 40 percent stake to the French company Teleperformance in April.
Data leak at Majorel also affects Comdirect
In May 2016, the online bank ING announced that it was cooperating with Kontowechsel24.de on its new account switching service. Kontowechsel24.de is a wholly owned subsidiary of Majorel.
We are only affected by the data leak at Majorel with the Comdirect brand. Commerzbank brand customers are not affected. A spokeswoman for Commerzbank
Commerzbank reacted more openly to inquiries: “We are only affected by the data leak at Majorel with the comdirect brand. Customers of the Commerzbank brand are not affected,” said a spokeswoman for the institute. The bank is currently examining the effects and is approaching affected customers.
Majorel Germany confirmed on Monday that it had been the target of a cyber attack. “As part of a security gap in the “Move it” software, which affects many companies around the world, Majorel Germany has become the target of a hacker attack,” said a Majorel spokeswoman.
The attack took place before the security gap in the software became public “and only affected a single system that is operated with the ‘Move it’ software in Germany”. Other divisions of Majorel are not affected. Majorel did not provide further details on which system was affected when asked. The cybersecurity team “immediately closed” the vulnerability after it became known.
According to their industry association BVR, the Volks- und Raiffeisenbanken do not use Majorel. The money houses are therefore not affected. The IT service provider for the savings banks, Finanz Informatik, also did not work with Majorel.
More: Deutsche Bank warns of data leaks