The cyber attackers are requesting the financial institution to install high-security systems. The criminals have already published 240 credit card numbers.
A group of hackers, called “Maze Ranzomware,” claim to have accessed the systems of the Bank of Costa Rica (BCR). They reportedly extracted millions of data about users’ accounts and credit cards. The cybercriminals are demanding a ransom in order not to expose the information that they have in their possession.
Last May 1st, BCR denied that their security system had been the object of hacking. They even stated that they have exhaustively verified their technological platform. Likewise, they said that they had activated their protocols, including links to other national and international institutions, and determined that it was just an extortion attempt.
However, the cybercriminals claim to have attacked the Bank of Costa Rica on two other occasions in the last eight months. They said that they compromised the financial institution in August 2019, when they stole credentials and other sensible data. After that, they attacked it last February and they are now posting a series of messages on the social networks.
The criminals stated that they may sell that information in the dark market for several million US dollars. However, the Maze team is not selling the private information in the dark market or stealing users’ money. They say that they are trying to focus on the security gaps affecting the Bank of Costa Rica, as well as other financial institutions whose credit cards were processed by BCR.
After allowing some time for the institution to reply to their request, and given the inaction by the managers of the entity, the group decided to publish 240 credit card numbers without the last four digits. As part of what they are requesting from the bank is the installation of high-security systems to protect its network.
Banks vs. Bitcoin
Banks are responsible for safeguarding not only their customers’ money but also their data. Although they provide a balance of the movements of the funds, they never explain what they do with private data. Financial institutions need to give consumers more control over their data and provide more information about how they use private information.
Bitcoin’s decentralized network establishes a new value relationship that contrasts with the one that banks traditionally offer. It represents more power over assets and private data, part of the offer of decentralized alternatives, which allow the user to operate privately and transparently.
To operate on the Bitcoin network, it is not necessary to provide personal data. Therefore, it is impossible to know, at first glance, who owns the wallet. Network users have an address (public key), which is not identified with a name, and it is impossible to relate it to a particular person unless that person decides to reveal his or her address.
During the eleven years that Bitcoin has existed, no one has ever been able to hack its blockchain. No central server maintains balances, passwords, or user names. Besides, each user has his or her keys (private keys), which is the only way to transfer funds.
By Alexander Salazar