Despite investing 2.4 billion euros since 2016 to upgrade its cybersecurity profile, Italian banking institution UniCredit has suffered its third recent data breach, this time impacting 3 million customers.
The company said in a short data breach announcement on its website that names, telephone numbers, email addresses and cities where clients were registered were exposed via unauthorized access to a file generated in 2015. Bank account details were not included. UniCredit told Reuters that it wouldn’t release information on how the access occurred, but it did say that has launched an internal investigation and has informed all the relevant authorities, including the police.
UniCredit was also hit with hacking incidents in September-October 2016 and June-July 2017, affecting 400,000 Italian customers. Those hacks were carried out via the network of a commercial partner, the bank said at the time.