Santander Bank had data from 12,786 employees across the U.S. exposed resulting from the breach of Snowflake customer environments, which has since been claimed by the ShinyHunters hacking operation, according to The Record, a news site by cybersecurity firm Recorded Future.
Infiltration of a third-party database leveraged by a Santander affiliate since April 17 enabled attackers to compromise data, which may include employees' names, Social Security numbers, and bank account details, said the Spanish banking giant in a filing with regulators. While Santander previously said that the impacted database did not contain any transactional information or online banking credentials, it has yet to confirm the claims of ShinyHunters, which alleged the theft of 30 million bank account details and 28 million credit card numbers.
Such a development comes after similar disclosures of impact from the Snowflake breach by Ticketmaster, LendingTree, Advance Auto Parts, and the Los Angeles Unified School District.