Finnish bank hacking disaster: 150 data breaches, 53 frauds, loot of millions, a group of friends involved, bug has been on-line for months, allowed fraudent authentication to third party services (like medical records, taxes, etc.)
On Tuesday, S-Pankki (S-bank) announced a vulnerability that occurred in the spring and summer when identifying with online banking credentials. According to the bank, the glitch was used “to a very small extent” also for abuses, when logging in was successful with another person’s credentials. First reports of abuses were sent to police and bank in May 2022, bit in the bank’s view all the problems reported were caused by careless handling of online bank IDs by the customer. Actually the problem was a serious bug in bank on-line systems.
The police suspect that the series of frauds started in May and continued throughout the summer. Two Finnish people now in jail, one is 16 year old teen.
Sources and more information: