The National Bank of Ukraine reported that its online store selling numismatic products has been subjected to a cyberattack. Attackers may have gained access to usersʼ personal data.
This was reported by the NBU press service.
They say the breach was caused by a cyberattack on a contractor. The storeʼs website is currently temporarily unavailable.
The National Bank assured that customersʼ financial data, including payment card details, were not affected. However, usersʼ names, phone numbers, emails, and shipping addresses could have fallen into the hands of attackers.
The bank is currently investigating the circumstances of the incident and working with the service provider to eliminate the consequences.
The NBU explained that the attack took place using the supply chain principle, where hackers try to gain access through subcontractors. This is a common tactic used by hackers around the world.
Therefore, from the very beginning, the NBU designed an architecture with isolation of contractors from critical systems, "and this approach paid off".
The bank urged customers to be "especially vigilant", as the data obtained could be used by attackers for phishing. They emphasized that National Bank employees do not send letters asking to confirm personal data, do not call about payment card details, do not ask to pay for orders using alternative methods, and do not send links for "urgent verification".
For more news and in-depth stories from Ukraine, please follow us on X.