A Data Breach Has Affected Santander In Spain
A Data Breach Has occurred at the international bank Santander in Spain
The Spanish bank claimed that while an unauthorized party had gained access to some customer and employee data in a Data base housed by an outside providers, the bank's internal systems and activities remained unaffected. According to a statement from the bank, data came from current and post workers as well as customers in Spain.
The number of clients impacted is unknown, this tendency of third party suppliers coming under more security scrutiny is highlighted by this occurrence. There have been multiple cases of compromise in recent years when a third party security flaw was primary cause. In order to effectively safeguard data held outside of their control, financial institutions will demand more from their Vendors, including security evaluations and enhancements.
Red teaming, threat modeling and penetration testing are probably how these reviews will be conducted. The financial institutions will demand that these Vendors have either SOC lol or ISO 27001 Certification as a minimum security requirement if they don't currently have it. Strong vetting procedures and ongoing monitoring are necessary because outside providers can frequently be a source of breaches.