{ "id": "d10905cc-a79f-47d1-8adf-58dabdbea61c", "created_at": "2026-04-06T00:06:41.285925Z", "updated_at": "2026-04-10T13:12:32.040254Z", "deleted_at": null, "sha1_hash": "df915bf0ba17d107494679d82c43e223d9efcf23", "title": "CySecurity News - Latest Information Security and Hacking Incidents: Truist Bank Confirms Data Breach After Information Surfaces on Hacking Forum", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 110306, "plain_text": "CySecurity News - Latest Information Security and Hacking\r\nIncidents: Truist Bank Confirms Data Breach After Information\r\nSurfaces on Hacking Forum\r\nBy CySecurity News, twitter.com/ehackernews\r\nArchived: 2026-04-05 15:53:32 UTC\r\nTruist Bank, one of the largest commercial banks in the United States, has confirmed a cybersecurity breach after\r\nstolen data appeared for sale on a hacking forum. The breach, which occurred in October 2023, was brought to\r\nlight when a threat actor, identified as Sp1d3r, posted the bank’s data online.\r\nDetails of the Breach\r\nHeadquartered in Charlotte, North Carolina, Truist Bank was formed in December 2019 through the merger of\r\nSunTrust Banks and BB\u0026T (Branch Banking and Trust Company). The bank, now with total assets of $535\r\nbillion, offers a variety of financial services, including consumer and small business banking, commercial\r\nbanking, corporate and investment banking, insurance, wealth management, and payment services.\r\nThe breach reportedly involves sensitive information from 65,000 employees, including bank transactions with\r\nnames, account numbers, balances, and the source code for Truist’s Interactive Voice Response (IVR) system.\r\nSp1d3r is attempting to sell this data for $1 million, according to DarkTower intelligence analyst James Hub, who\r\nfirst spotted the listing.\r\nhttps://www.cysecurity.news/2024/06/truist-bank-confirms-data-breach-after.html\r\nPage 1 of 2\n\nIn a statement, a Truist Bank spokesperson confirmed the October 2023 cybersecurity incident and emphasised\r\nthat it was swiftly contained. The bank worked with external security consultants to investigate the breach,\r\nenhance security measures, and notify affected clients. Initially, only a small number of clients were informed, but\r\nadditional clients have been notified as the investigation continues to uncover new information.\r\nThe spokesperson clarified that this incident is not connected to the ongoing Snowflake attacks, stating, \"We have\r\nfound no evidence of a Snowflake incident at our company.\" They also noted that Truist Bank regularly\r\ncollaborates with law enforcement and cybersecurity experts to safeguard its systems and data. To date, there have\r\nbeen no indications of fraud resulting from this breach.\r\nOther Breaches Linked to Sp1d3r\r\nSp1d3r is also selling data stolen from the cybersecurity firm Cylance for $750,000. This data reportedly includes\r\n34 million customer and employee emails, along with personally identifiable information. Cylance confirmed that\r\nthe stolen data is from 2015-2018 and was taken from a third-party platform.\r\nIn another incident, Sp1d3r had previously listed 3TB of data stolen from Advance Auto Parts, a provider of\r\nautomotive aftermarket parts, on the same hacking forum. This data was reportedly taken from Advance’s\r\nSnowflake account.\r\nThe confirmation of Truist Bank’s data breach highlights the persistent threat of cyberattacks on major financial\r\ninstitutions. Truist Bank remains committed to securing its systems and protecting client information as\r\ninvestigations continue. In the era of digitalisation it is highly imperative to stay three steps ahead of how\r\ntechnology is being leveraged towards attacking sensitive data and institutional information. \r\nSource: https://www.cysecurity.news/2024/06/truist-bank-confirms-data-breach-after.html\r\nhttps://www.cysecurity.news/2024/06/truist-bank-confirms-data-breach-after.html\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "MISPGALAXY", "Malpedia" ], "origins": [ "web" ], "references": [ "https://www.cysecurity.news/2024/06/truist-bank-confirms-data-breach-after.html" ], "report_names": [ "truist-bank-confirms-data-breach-after.html" ], "threat_actors": [ { "id": "d99090fb-318c-46a2-a1b6-9e89ec61a6d8", "created_at": "2024-06-19T02:00:04.375337Z", "updated_at": "2026-04-10T02:00:03.652523Z", "deleted_at": null, "main_name": "Sp1d3r", "aliases": [], "source_name": "MISPGALAXY:Sp1d3r", "tools": [], "source_id": "MISPGALAXY", "reports": null } ], "ts_created_at": 1775434001, "ts_updated_at": 1775826752, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/df915bf0ba17d107494679d82c43e223d9efcf23.pdf", "text": "https://archive.orkl.eu/df915bf0ba17d107494679d82c43e223d9efcf23.txt", "img": "https://archive.orkl.eu/df915bf0ba17d107494679d82c43e223d9efcf23.jpg" } }