Hackers steal hundreds of millions of pesos from Mexican banks
In yet another major cyberattack, hackers have siphoned hundreds of millions of pesos from Mexican banks, including Banorte, the country's second largest lender. Alejandro Diaz de Leon, the governor of Mexico's central bank, told journalists that the attack on the payment system, which happened late on Monday night, was unprecedented. Investigations are underway to uncover specifics. Here's more.
Central bank governor: We're not outta the woods yet
"There's no evidence that would allow us to say with certainty that this is over. We're taking corrective and mitigating action," said Alejandro Diaz de Leon.
The details are still blurry, but here's what we know
The central bank, however, refused to name the banks caught in the attack or specify the exact amount stolen. However, one source said that over 300 million pesos ($15.4mn) had been stolen. Meanwhile, daily newspaper El Financiero put the figure at 400 million pesos. Another source said that hackers might have had inside help as such large transfers were uncommon.
How the hackers stole millions
According to preliminary investigations, hackers placed hundreds of false orders to move money to fake accounts in other banks, and accomplices emptied the amounts in cash withdrawals across different bank branches. The fake orders ranged from tens to hundreds of thousands of pesos. It's not clear how much of the transferred money was actually withdrawn.
No clients of central bank affected by hack
The Mexcian central bank also said that no clients had been affected by the breach so far. The fraudulent transfers had hit only the accounts of financial institutions in the central bank. Details about damage to other banks isn't known yet.
Software developed by institutions, third-parties breached
However, the central bank's SPEI system, similar to the SWIFT global messaging system, had not been compromised in the attack. Instead, what was breached was the software developed by institutions and third-parties to connect to Mexico's payment system. Many banks in the country had been using these alternate, slower, and less secure technologies - a decision they will want to re-evaluate following the attacks.