InterBank Data Breach
Interbank Peru Retail Bank Breach (2024): 3.3 Million Customer Records Including SSN & Home Address Exposed
Peruvian bank offering retail and commercial financial services.
Risk Interpretation
Severe risk of account takeover, identity theft, financial fraud, and highly effective banking-themed phishing. Banking data is especially dangerous because it can be used to pivot into many other financial relationships.
Impact & Downstream Threats
The 2024 incident produced meaningful institutional impact for Interbank. The bank faced an enforced criminal investigation by Peru's cybercrime prosecutors, parallel scrutiny from banking regulators, and a wave of media coverage in Peru that cast the bank as the highest-profile financial-sector breach victim in the country's recent history. Operationally, Interbank's mobile and online platforms experienced extended outages around the disclosure, and the bank had to rebuild authentication contro
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat Vectors
Breach Intelligence
Executive Summary
Interbank, a leading financial institution in Peru, confirmed a major data breach on October 30, 2024 after a threat actor using the alias 'kzoldyck' published stolen data on dark-web forums following a failed two-week extortion negotiation. The bank stated that customer data had been exposed by an unauthorized third party and that it had deployed additional security measures, while emphasizing that customer deposits and financial products remained secure. Customers reported intermittent outages of mobile and online platforms during the disclosure period.\n\nThe dataset published by the threat actor reportedly totaled around 3.7 terabytes and covered information on more than three million customers, with approximately 3.3 million records subsequently indexed in public breach-tracking services. Compromised fields included names, email addresses, phone numbers, home addresses, and Peruvian national identification numbers (DNI), with broader claims by the threat actor of also possessing dates of birth, IP addresses, financial transaction histories, credit card numbers with CVVs and expiration dates, plaintext usernames and passwords, and internal system credentials including API and Azure access.\n\nFor affected individuals, the practical risk is unusually severe and immediate. The combination of name, DNI, date of birth, and home address creates a strong base for identity-verification bypass at other Peruvian financial institutions and government services. Card data, where current, supports direct payment fraud; the threat actor's claim of plaintext credentials raises the prospect of direct account-takeover attempts limited only by Peru-IP and biometric controls Interbank has in place. Affected customers should change their Interbank credentials and any reused passwords, monitor financial transactions closely, and treat any unsolicited contact referencing their account or recent banking activity with extreme caution.
About InterBank
Interbank, formally known as Banco Internacional del Perú, is one of the leading financial institutions in Peru. Founded in 1897, it ranks as the country's fourth-largest bank by various measures and operates a national network of branches and ATMs serving more than two million customers. The bank offers retail, commercial, and digital banking services, with customer relationships built around current accounts, loans, credit cards, and digital banking platforms. In 2023 it reported more than $1.5 billion in revenue. Interbank's customer base is concentrated in Peru, with the bank handling identity, transaction, credit, and authentication records typical of a large national retail-banking institution.
Why They Hold Your Data
Retail and commercial banks collect highly sensitive identity, account, transaction, loan, device, and authentication data across banking and customer-service operations.
Recent Developments
Interbank has continued to operate following the October 2024 incident and has worked to restore customer confidence in its mobile and online platforms after a series of intermittent outages during the early days of the breach. The Cybercrime Prosecutor's Office of Lima brought criminal charges against the alleged hacker and demanded a cybersecurity report from Interbank covering the vulnerabilities that allowed the breach. Peruvian banking regulators announced that they were monitoring the incident for potential legal violations. The 2024 dataset has continued to circulate on dark-web forums in the months since the original disclosure, with the threat actor publicly stating Interbank refused to pay ransom.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, full_name, phone_number, physical_address:home, ssn
Dark Web Verification
- Dataset containing ~3.3M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: inter-bank-2024
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of InterBank
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam