One of the biggest European banks leaking sensitive data on their website

[HempBoosh]

Source: https://cybernews.com/security/one-of-biggest-european-banks-leaking-sensitive-data-on-website/
 

Quote

 

Our new research recently discovered a security issue with Santander, the 5th largest bank in Europe and the 16th largest in the world. This Spanish multinational bank controls approximately $1.4 trillion in total assets globally, and has a $69.9 billion total market capitalization on the Euro Stoxx 50 stock market index.

Our analysts found that the Belgian branch, Santander Consumer Bank, has a misconfiguration in its blog domain, allowing its files to be indexed. 

When we looked through these files, we were able to see sensitive information, including an SQL dump and JSON file that can be used by hackers to potentially phish Santander’s bank customers.

We contacted Santander immediately when we discovered the misconfiguration on April 15.  Representatives from the leading European bank responded to our emails and seem to have fixed the issue, as we are presently unable to access the information.

 

Summary: A Santander bank subdomain was misconfigured and could have its' files switched out by hackers, potentially leaking personal information of clients for phishing purposes. Researchers informed the bank and the vulnerability was fixed.
It's cool that there are some researchers out there that discover these kinds of vulnerabilities before hackers do and then inform the public. Often times companies will keep these kinds of breaches under wraps to save face, so it's good that someone is keeping track for those of us who don't know how. 

Edited May 8, 2020 by HempBoosh
Forgot to add my personal input and summary

[AlTech]

Santander is more of a Spanish Bank than a European bank per se but that doesn't change much.

 

Anyhow, it's good to see that they fixed it quickly.

[Cyberspirit]

Quote

$69.9 billion total market capitalization

Nice.

 

Never heard of that bank but it's good that the problem was fixed quickly.

[SOLO_AVENGER]

12 hours ago, AluminiumTech said:

Santander is more of a Spanish Bank than a European bank per se but that doesn't change much.

 

Anyhow, it's good to see that they fixed it quickly.

They're pretty big in the UK too.

 

Edit: But I guess you know that haha

[SpaceGhostC2C]

14 hours ago, AluminiumTech said:

Santander is more of a Spanish Bank than a European bank per se but that doesn't change much.

I don't see how you could be Spanish without being European...

 

2 hours ago, SOLO_AVENGER said:

They're pretty big in the UK too.

Yeah, as they state in the article, it's one of the biggest banks in Europe, and even a major player worldwide. Business in Spain itself is a minor part of its business at this point.

[Sakkura]

14 hours ago, AluminiumTech said:

Santander is more of a Spanish Bank than a European bank per se but that doesn't change much.

 

Anyhow, it's good to see that they fixed it quickly.

They operate in lots of European countries (as well as in the Americas).

 

Not to mention Spain is part of Europe, so anything Spanish is also European...