A group of hackers dubbed Maze claims to have compromised the infrastructure of Banco BCR, a Costa Rican state-owned bank, and is now threatening to leak millions of credit card numbers.

On Apr 30, Maze claimed that it has scoped out the bank in Baronial 2022:

"Co-ordinate to Financial Institutions Protocol this bank had to notify other institutions well-nigh the security alienation case. Just zilch was made. Servers and workstations were not blocked. Individual information was not secured. Anyway the Depository financial institution decided to conceal information about the breach. Though the security personnel were able to analyze the set on logs and to run into that the attackers have accessed the payment processing organisation. Nosotros accept stopped the attack as the possible impairment was also high."

Maze states that subsequently, in February 2022, they checked the systems and saw that nothing was done to fix the cybersecurity vulnerabilities. The hackers claim that because of this, they decided to steal the information from the bank, including transaction information and credit carte data:

"We have got over xi milion credit card credentials. Over iv millions of those credit cards are unique. [Of those cards,] 140,000 belong to United states of america citizens."

The ransomware group announced on May 5 that it was going to leak the information without concealing carte du jour numbers. While in this particular instance there is no data on the amount of Bitcoin (BTC) requested by the hackers, the group has ransomed data in the by.

Exercise not take ransomware group's claims as well seriously

Brett Callow, cybersecurity threat analyst at Emsisoft previously told Cointelegraph that hacker'due south claims should be viewed suspiciously:

"Claims made by ransomware groups should be taken with a grain of salt. [...] The details that the criminals choose to release will be ruddy-picked and just data that they desire to be in the public domain — probably because they believe information technology will help their cause in some mode. [...] The press should avoid portraying ransomware groups as beingness in any way Robin Hood-like or repeating claims that aid them."

Equally of press time, Banco BCR has not answered Cointelegraph's request for comment.

Ransomware activeness continues amongst the pandemic

Every bit Cointelegraph reported in tardily April, a contempo report showed a major drop in the number of ransomware attacks carried out during the pandemic on the United States public sector. Nonetheless, this is unlikely to be linked to the cybercriminals' willingness to avoid dissentious the public sector amid the distress already acquired by the coronavirus.

In fact, at the cease of April, hackers reportedly compromised the largest wellness center in Pueblo County, Colorado with cryptocurrency ransomware. While the hospital'south official statements claim that it won't touch patient care, workers allegedly said that the paper-based tape-keeping methods to which they accept resorted are cumbersome and could negatively impact services.