June 5 — On Friday, Spanish Bank Globalcaja confirmed experiencing a cyber incident involving ransomware. Local systems were affected. The Play ransomware group has claimed responsibility for the attack.
An official Twitter statement (in Spanish) says that the the attack prompted the financial institution to activate its security protocols.
Customers received assurance that the ransomware did not compromise accounts or agreements. The functionality of Globalcaja’s electronic banking platform remained unaffected.
Globalcaja’s ransomware attack
According to the firm, customers can continue to conduct secure financial transactions online. ATMs can also be used without concern.
Within Globalcaja’s administrative offices, some work stations were temporarily disabled in order to contain the incident and to limit potential impact.
The financial sector is attractive to cyber criminals, who are often seeking a payday.
Globalcaja has emphasized that the company is working to normalize the situation and to thoroughly analyze the incident.
Whether or not Globalcaja has met Play’s ransom demands remains unknown at this time.
Banking institutions that have not yet adopted robust security protocols should be sure to do so as soon as possible. Banks require complete visibility across entire networks to quickly identify and contend with cyber threats.
For more cyber security insights geared towards financial institutions, please see CyberTalk.org’s past coverage. To receive more cutting-edge cyber security news, best practices and analyses, please subscribe to the CyberTalk.org newsletter.