Hackers using the moniker ‘Rex Mundi’ at first demanded a 10,000-euro ransom before releasing data on Swiss and foreign customers
The hackers last week used a Twitter account named Rex Mundi to announce that they had hacked state-owned Banque Cantonale de Geneve (BCGE) and downloaded more than 30,000 email messages between the bank and its customers.
Public servers hacked
The bank said the attack seemed to have affected its public-facing servers, which allow customers to communicate with the bank, but said no internal systems or accounts had been compromised. The hackers set a 1700 GMT deadline for BCGE to pay a 10,000-euro (£7,800) ransom, warning that otherwise it would release the stolen data.
Several hours after the deadline, the bank said in a statement that the data had been released, but represented “no particular financial risk for clients or the bank”.
“At first analysis, this information is hardly critical, is obsolete or corresponds to foreseen contents about which it has already informed a significant number of clients concerned.”
A spokeswoman told Reuters that all of the 30,192 intercepted emails, which involve both Swiss and foreign clients, appear now to have been published. The data was taken from Internet-based inquiries, she said.
“We would like to wish a merry tax audit to all the non-Swiss account holders listed in the BCGE files,” the hackers stated on their Twitter account on Friday.
Switzerland is known as a tax haven, and BCGE is one of many banks that have participated in a government-brokered programme that allows banks to pay fines for having helped wealthy foreigners avoid paying tax.
BCGE’s spokeswoman said it is up to clients to regularise their tax situation.
Are you a security pro? Try our quiz!