Ecuador’s Banco Pichincha has yet to recover after recent cyberattack

The customers of Banco Pichincha, the largest bank in Ecuador, are still experiencing service disruptions after a massive cyberattack hit the financial organization early this week.

The cyberattack took place over the last weekend and forced the bank to shut down a large part of its computer network in response to the incident.

Many services of the bank were disrupted, including online banking, mobile app, and ATM network, many customers crowded the Pichincha bank branches that remained open the days after the cyber attack. The Banco Pichincha has about 1.5 million clients for a portfolio of $1.5 billion.

The bank issued a statement on Monday to inform the customers about the cyber attack, it also added to have “identified a cybersecurity incident in our systems that has partially disabled our services.”

The main bank shareholder, Fidel Egas, tweeted that “We are doing the impossible. They want to blame us for something in which we are the victims.”

Mañana y el sábado trabajaremos para arreglar problemas. Compruebe el giro— FIDEL EGAS (@FEGASG) October 14, 2021
El sistema no está caído. Tiene problemas que se van solucionando. No somos mejores en tecnología que otros Bancos pero estamos trabajando para superar esta contingencia— FIDEL EGAS (@FEGASG) October 11, 2021The authorities, including the Superintendency of Banks, are investigating the incident.

The public information about the attack suggests that the bank was the victim of a ransomware attack, sources in the cybersecurity industry confirmed it to BleepingComputer.

This is the second attack suffered by the Ecuador bank this year, in February a cybercrime group called ‘Hotarus Corp’ has breached the Banco Pichincha, and the local Ministry of Finance (the Ministerio de Economía y Finanzas de Ecuador). The group claimed to have also stolen data from the Banco Pichincha bank and infected a system at Ministry of Finance using for training purposes with PHP-based ransomware.

An alleged member of the @HotarusCorp leaked on a hacking forum a link to a file containing 6500 records (Email, Identity Card numbers, and passwords) that claims to Ministry of Finance.

A member claim to be @HotarusCorp on a #leak forum claiming to have #data of Ministry of #Finance of #EcuadorMember posted a #mega link which has txt file with 6500 records – Email, Identity Card numbers and passwords.#breach #infosec #[email protected] @EcuCERT_EC pic.twitter.com/WTbXz8EYLx— Security Chronicle (@SecurChronicle) February 23, 2021

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, Banco Pichincha)

The post Ecuador’s Banco Pichincha has yet to recover after recent cyberattack appeared first on Security Affairs.