​Interbank, one of Peru’s leading financial institutions, has confirmed a data breach after a malicious actor who hacked its systems leaked stolen data online.

Formerly known as International Bank of Peru (Banco Internacional del Perú), the company provides financial services to more than 2 million customers.

“We have identified that certain data of a group of customers was exposed by a third party without our authorization. Faced with this situation, we immediately deployed additional security measures to protect the operations and information of our customers,” Interbank said Today.

While customers reported that the bank’s mobile app and online platforms stopped working throughout the day and in another outage reported two weeks ago, Interbank says most of its operations are now back online and that its customers’ deposits are secure.

“We want to assure our customers that Interbank guarantees the security of your deposits and all your financial products. Most of our channels are working. As soon as we have completed the comprehensive review, we will restore operations in the rest of our channels “, Interbank said. added.

Although the bank has yet to disclose the exact number of customers whose data was stolen or exposed in the breach, as first spotted Dark Web InformerA malicious actor using the handle “kzoldyck” is now selling allegedly stolen data from interbank systems on several hacking forums.

​The malicious actor claims to have successfully stolen interbank customers’ full names, account IDs, dates of birth, addresses, phone numbers, email addresses and IP addresses, as well as contact numbers. credit card and CVV, credit card expiration dates, banking transaction information, and other sensitive information, including clear text credentials.

“Over 3 million customer information and in addition to the data I have uploaded here, I also have clear usernames and passwords for customers, which allows access to accounts banks of the IP block of Peru (restricted to the validation of biometric photos for some of them)”, declares the threatening actor.

“Right now I’m downloading a part with information about 3M+ customers. Total data over 3.7TB. I got a lot of internal API credentials, LDAP, Azure credentials , etc. “

They also claimed in a thread where samples of the stolen data were posted that negotiations with Interbank management began two weeks ago. Yet the extortion attempt failed after the bank decided not to pay.

An Interbank spokesperson was not immediately available when contacted by BleepingComputer earlier today for more details on the breach.