Live: Samsung Unpacked Live Updates Apple HomePod 2 Review Apple Earnings Preview Resurrecting the Dodo COVID Emergency to Expire DOJ Eyes Tesla Self-Driving DC's 'Gods and Monsters' Slate Salami, Sausage Recalled
Want CNET to notify you of price drops and the latest stories?
No, thank you

Security breach threatens more than 11,000 financial institutions

The theft of $81 million from a Bangladesh bank is just one of many recent incidents, Reuters reports.


An international financial consortium warned its customers on Monday that an $81 million cybertheft from Bangladesh's central bank isn't an isolated incident.

SWIFT, the Society of Worldwide Interbank Financial Telecommunications, called the attack one of "a number of recent cyber incidents" in a confidential alert to customers seen by Reuters. The attack could be "malicious insiders or external attackers" who've altered SWIFT software to hide monetary transfers, the consortium said in the alert, which was sent over its system.

Belgium-based SWIFT later confirmed to CNET that internal vulnerabilities at customer institutions had previously been exploited. The organization didn't provide details on either the organizations or the incidents, but confirmed "commonality" in the cases, which sometimes involved malware to hide evidence of the attack.

SWIFT said its core messaging services and network were unaffected by the malware.

The cases appear to involve attackers breaching systems at banks and obtaining operator credentials allowing them to hide evidence of fraudulent payments. The credentials give the attackers the ability to create, approve and submit messages using the banks' systems.

SWIFT didn't place a value on losses.

The cooperative facilitates secure and standardized communication among more than 11,000 banking and securities organizations. It's owned by more than 3,000 financial institutions.

SWIFT released a security update on Monday to eliminate the malware behind the breach.

Update, 11:32 a.m. PT: Added comment from SWIFT.