The financial sector is once again in the spotlight. ING Spain has acknowledged a data leak that affects thousands of its customers, following the publication of sensitive information by a cybercriminal group. Although the bank claims that the breach did not originate in its systems, the incident reopens the debate about information security in digital banking and the need to also control third parties who handle critical data.

A new blow to banking cybersecurity

ING Spain has confirmed a data breach affecting more than 21,000 customers, in what is already considered one of the most important breaches for digital banking in Spain this year. The cybercriminal group BreachParty claimed to have accessed a file containing personal and banking information, including names, dates of birth, identification numbers, IBANs and telephone numbers.

The bank states that its systems were not directly breached, attributing the incident to a breach “external” to its infrastructure. However, the event once again highlights an uncomfortable reality: data security does not end at the bank's servers; it also depends on its entire network of third parties and suppliers.

What is known so far

  • The leaked file reportedly contains more than 21,000 records with sensitive data from Spanish customers.
  • The attackers released part of the information as proof of the breach.
  • ING has stated that customer accounts and transactions remain secure, although it has taken additional protective measures.
  • Neither the exact origin of the leak nor whether it came from a technology partner or external service has yet been revealed.

Risks beyond the bank

Even if ING's systems weren't directly attacked, the exposure of personal data opens the door to a wave of fraud, impersonation and phishing campaigns. Cybercriminals often use this type of information to design personalized attacks, making victims believe that they are dealing with their real bank. In addition, the incident highlights the importance of data traceability: knowing who manages the data, where it is stored and what security measures are applied at each point of its lifecycle.

What this case teaches digital banking

The ING Spain incident leaves a clear lesson: cybersecurity in the financial sector cannot depend only on internal infrastructure.
Banks must adopt a comprehensive vision that covers the security of suppliers, consultants, integrators and any entity that handles sensitive information. In addition, transparency in communication is key. Recognizing an incident quickly and accurately reduces reputational impact and facilitates the regulatory response before bodies such as the AEPD.

What we recommend at Apolo Cybersecurity

At Apolo Cybersecurity, we warn that these types of breaches will continue to increase if they are not addressed proactively. Our key recommendations:

  • Third-party audits: continuously review the security standards of external partners and vendors.
  • Least-privilege access management (Zero Trust): even within a secure environment, limit access to sensitive data.
  • Dark web data monitoring: identify breaches before they are used for fraudulent purposes.
  • Ongoing training for employees and customers: understanding risk is the first step in preventing it.
  • Data incident response plans: define in advance the technical, legal and communication steps to take in the event of a breach.

Banking cybersecurity starts with digital trust

In an increasingly interconnected financial ecosystem, protecting customer data is protecting trust. At Apolo Cybersecurity, we help financial institutions to strengthen their digital resilience, improve supplier management and anticipate incidents such as that of ING Spain.
