UniCredit today announced it has been the victim of a security breach in Italy due to unauthorised access through an Italian third party provider to Italian customer data related to personal loans only.
A first breach seems to have occurred in September and October 2016 and a second breach which has just been identified in June and July 2017. Data of approximately 400,000 customers in Italy is assumed to have been impacted during these two periods. No data, such as passwords allowing access to customer accounts or allowing for unauthorised transactions, has been affected, whilst some other personal data and IBAN numbers might have been accessed.
UniCredit has launched an audit and has informed all the relevant authorities. In the morning, UniCredit will also file a claim with the Milan Prosecutor's office. The bank has also taken immediate remedial action to close this breach.
For immediate information, customers should contact UniCredit's dedicated toll-free number 800 323285 or their regular branch customer services team. In addition, UniCredit will be contacting affected customers through specific channels, not including email or phone calls.
Customer data safety and security is UniCredit's top priority and as part of Transform 2019, UniCredit is investing 2.3 billion euro in upgrading and strengthening its IT systems.
Milan, July 26, 2017
tel +39 02 88623569
e mail: firstname.lastname@example.org
tel +39 02 88621872
e mail: email@example.com