
Latin American customers were left unprotected due to Bankingly's data breach

Digital banking platform Bankingly leaked data from seven financial institutions in Central and South America, exposing customers to phishing and social engineering attacks.

In May 2024, the Cybernews research team identified seven Azure Blob Storage buckets without proper authentication methods. The misconfiguration exposed the personal information of approximately 135,000 customers across Latin America to anyone online. Affected individuals were located in the Dominican Republic, Mexico, Ecuador, El Salvador, Bolivia and Costa Rica. Most of the victims, almost 100,000 people, came from the Dominican Republic.

More details about the data leak

The data leak was related to Bankingly, a fintech platform that provides web services and mobile applications to financial institutions in Latin America. The company primarily serves small and medium-sized financial institutions, including banks, credit unions and microfinance organizations, with most of them located in rural areas of the region. Bankingly is believed to have used storage buckets to store customer data, including personal information and account details, to provide software solutions to financial institutions. Leaked information includes full names, financial application usernames, email addresses, and home and work phone numbers.

According to the information provided, the financial institutions affected by the leak included La Cooperativa de Ahorro y Crédito Abierta “San Martín de Porres”, Asociación La Nacional de Ahorros y Préstamos, Caja Buenos Aires, Caja Mitras, Coac Puellaro, Credecoop, and AMC. The leaked information not only damages the reputation of the above-mentioned financial institutions but also poses several risks to the affected individuals. Although the information is not enough for cybercriminals to directly carry out financial transactions such as applying for a loan or opening a new bank account, it can be used for phishing or social engineering attacks. Criminals can exploit the leaked data to create phishing emails that appear to come from the victim's financial services provider or impersonate a bank employee to trick individuals into revealing additional personal information or login credentials.

When contacted by Cybernews, Bankingly mentioned that the data in the buckets was secured. However, the company did not respond to requests for comment, nor did the affected financial institutions.