A suspect in the theft of personal data of customers of several banks was detained in Moscow.

“During a special operation, employees of the Ministry of Internal Affairs of Russia, with the assistance of the security service of PJSC Sberbank, identified and detained an attacker suspected of stealing the personal data of clients of several financial and credit organizations, including PJSC Sberbank,” RIA Novosti quotes the official representative of the Ministry of Internal Affairs of the Russian Federation, Irina Volk.

According to preliminary information, the suspect is an employee of NSV LLC (National Recovery Service). Sberbank promptly announced that they intend to refuse the services of this company as soon as possible. According to the source of TASS, the data of Sberbank clients left the collection agency with which the bank works under the agreement.

“In connection with the violation of the terms of the contract and the loss of confidence, Sberbank will terminate the contract with NSV as soon as possible and conduct an audit of the personal data protection systems of problem borrowers used by collection agencies - contractors of Sberbank,” TASS quotes the bank.

In turn, NSV plans to conduct its own investigation of the situation with the leak of customer data, while the company did not participate in the investigative actions.

  • © Maxim Shemetov / Reuters

“The NSV company was not notified by law enforcement authorities about the investigation regarding the data leak, did not participate in the investigative actions,” RIA Novosti quoted the message as “NSV”.

The Ministry of Internal Affairs established that the attacker lived in Volgograd and acted under the pseudonym “Anton 2131”.

The detainee was taken to the police. A criminal case has been instituted against him under the article “illegal receipt and disclosure of information constituting a commercial, tax or banking secret”. Depending on the gravity of the crime, the punishment under this article varies from a fine of 500 thousand rubles to seven years in prison.

Bank customer data leaks

Earlier, the Russian media reported a leak of user data from Sberbank. The newspaper Kommersant reported the appearance on the black market of a base with 60 million customer credit cards in early October.

Then the bank began its own investigation, as a result of which the attacker was identified inside the company. It turned out to be the head of the sector in one of the business units of the organization. Law enforcement authorities seized all the stolen information, and re-issued the cards that got into the fraudster's database. The bank noted that there was no threat to customers.

The situation was then commented on by the head of the bank, German Gref, who noted that the leakage incident was the reason for tightening control over the data.

“We have made serious conclusions and radically strengthened the control of access to the work of our systems for bank employees in order to minimize the impact of the human factor,” said the bank head.

At the same time, Gref later pointed out the peculiarities of Russian legislation, because of which a person who stole a wallet with a thousand rubles “bears a more severe responsibility than a person who stole data and allowed to steal money from thousands of people.” The head of Sberbank called for tougher punishment for the theft of such information.

In the material of Kommersant dated October 23, it was reported that a new 1 million-line database was on sale with information about the passport, residence permit, phone number, accounts, balance or debt of customers who have a loan or credit cards from Sberbank.

It is noteworthy that in addition to this information, data sellers on the black market offered customers the latest recording of a client’s conversation with the bank’s call center.

As journalists managed to find out from the seller of the database, the data array allegedly contains relevant data accumulated since 2015, and is updated weekly. The merchant estimated the cost of one line at 30 rubles.

However, the second data leak at Sberbank was denied, explaining that neither the bank itself nor its subsidiaries had anything like that.

“All official information on this topic was published by the bank earlier. We do not comment on information that belongs to the category of rumors and speculation, ”RIA Novosti quoted the bank’s press service as saying.