The Swiss Bank BCGE was hacked, according to Network World, by a group of hackers who miscalculated a bit.
The hacking group, Rex Mundi, has an M.O. of hacking businesses and then demanding a small ransom from the company in exchange for not publishing what they took.
In this case, they hacked their way into Banque Cantonale de Geneve (BCGE) and stole about 30,000 emails belonging to Swiss and foreign customers of the bank. They asked for a 10,000 euro (about $12,000) ransom in exchange for not publishing them.
The bank, which just came to an agreement with U.S. authorities to hand over information about U.S. citizens who hide assets in Switzerland, decided that their customers wouldn’t care if their emails were publicly published on the web.
I am not sure if that logic really works, but maybe they figured that the U.S. citizens who were hiding money in Switzerland were going to move their money to a more ‘friendly’ country anyway, so who cares. Not really sure.
First, the hacker group announced that BCGE refused to pay the ransom to embarrass them and then they published the emails.
BCGE tried to put a good face on the situation saying they were being ‘transparent’ with their customers since they told the customers that the emails had been stolen. They also said they were the object of an attempted cyber attack along with coercion, which they said, they repelled. I don’t think I would call that an attempted cyber attack; I would call it a successful cyber attack. And, the bank said, they put additional security measures in place.
This group has a reputation for conducting a large number of small hacks and demanding a small ransom from each of the attacked organizations. It does appear that you should assume that if you don’t follow their instructions, they will follow through on their threats.
For business owners, this is just another example of the escalation of the hacking community into a for-profit business.