InterBank 2024 Data Breach
ObscureIQ Breach Intelligence
High SeverityWebsite / service breach
Interbank Peru Retail Bank Breach (2024): 3.3 Million Customer Records Including SSN & Home Address Exposed
Peruvian bank offering retail and commercial financial services.
Verified by ObscureIQ Intelligence
65/100Breach Risk Index
33Data Value
25Market Recency
544dSince Breach
Breach Intelligence Summary
Entity: InterBank · Actor: kzoldyck · Sources: 2 references
Attack: Misconfiguration
Profile: Financial institution · Banking and financial services · Retail and commercial banking · Peru
Timeline: Breach (2024-10-30) · Indexed (Oct 30, 2024) · Year (2024)
Exposure: 3.3M records · 5 fields: Email Address, Full Name, Phone Number, Physical Address, Social Security Number
Status: Reported
Executive Summary
Interbank, a leading financial institution in Peru, confirmed a major data breach on October 30, 2024 after a threat actor using the alias 'kzoldyck' published stolen data on dark-web forums following a failed two-week extortion negotiation. The bank stated that customer data had been exposed by an unauthorized third party and that it had deployed additional security measures, while emphasizing that customer deposits and financial products remained secure. Customers reported intermittent outages of mobile and online platforms during the disclosure period.\n\nThe dataset published by the threat actor reportedly totaled around 3.7 terabytes and covered information on more than three million customers, with approximately 3.3 million records subsequently indexed in public breach-tracking services. Compromised fields included names, email addresses, phone numbers, home addresses, and Peruvian national identification numbers (DNI), with broader claims by the threat actor of also possessing dates of birth, IP addresses, financial transaction histories, credit card numbers with CVVs and expiration dates, plaintext usernames and passwords, and internal system credentials including API and Azure access.\n\nFor affected individuals, the practical risk is unusually severe and immediate. The combination of name, DNI, date of birth, and home address creates a strong base for identity-verification bypass at other Peruvian financial institutions and government services. Card data, where current, supports direct payment fraud; the threat actor's claim of plaintext credentials raises the prospect of direct account-takeover attempts limited only by Peru-IP and biometric controls Interbank has in place. Affected customers should change their Interbank credentials and any reused passwords, monitor financial transactions closely, and treat any unsolicited contact referencing their account or recent banking activity with extreme caution.
ObscureIQ assessment: Severe risk of account takeover, identity theft, financial fraud, and highly effective banking-themed phishing. Banking data is especially dangerous because it can be used to pivot into many other financial relationships.
Breach Impact
The 2024 incident produced meaningful institutional impact for Interbank. The bank faced an enforced criminal investigation by Peru's cybercrime prosecutors, parallel scrutiny from banking regulators, and a wave of media coverage in Peru that cast the bank as the highest-profile financial-sector breach victim in the country's recent history. Operationally, Interbank's mobile and online platforms experienced extended outages around the disclosure, and the bank had to rebuild authentication controls. The reputational cost has been concentrated in domestic Peruvian markets where the bank's brand is most central. The threat actor's public statements about the failed extortion negotiation contributed to public criticism of the bank's incident handling.
About InterBank
Interbank, formally known as Banco Internacional del Perú, is one of the leading financial institutions in Peru. Founded in 1897, it ranks as the country's fourth-largest bank by various measures and operates a national network of branches and ATMs serving more than two million customers. The bank offers retail, commercial, and digital banking services, with customer relationships built around current accounts, loans, credit cards, and digital banking platforms. In 2023 it reported more than $1.5 billion in revenue. Interbank's customer base is concentrated in Peru, with the bank handling identity, transaction, credit, and authentication records typical of a large national retail-banking institution.
Why They Hold Your Data
Retail and commercial banks collect highly sensitive identity, account, transaction, loan, device, and authentication data across banking and customer-service operations.
Recent Developments
Interbank has continued to operate following the October 2024 incident and has worked to restore customer confidence in its mobile and online platforms after a series of intermittent outages during the early days of the breach. The Cybercrime Prosecutor's Office of Lima brought criminal charges against the alleged hacker and demanded a cybersecurity report from Interbank covering the vulnerabilities that allowed the breach. Peruvian banking regulators announced that they were monitoring the incident for potential legal violations. The 2024 dataset has continued to circulate on dark-web forums in the months since the original disclosure, with the threat actor publicly stating Interbank refused to pay ransom.
Data Points Exposed
5 verified field types
Email Address
Full Name High
Phone Number
Physical Address High
Social Security Number Critical
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Exploitation & Downstream Threats
Threat Activity:Critical
Primary downstream threats:
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat vectors:
- Phishing, credential stuffing & account takeover
- Name-based social engineering
- SIM swapping, vishing & SMS phishing
- Physical stalking, mail fraud & identity verification
- Home targeting, stalking & physical threat
- Full identity theft & synthetic identity fraud
Threat Actor: kzoldyck
kzoldyck
Misconfiguration
Attribution and method are based on available breach intelligence. Reported attack vector: Misconfiguration.
Recommended Actions
If you believe your information may be included:
Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
Frequently Asked Questions
What happened in the InterBank breach?▾
Interbank, a leading financial institution in Peru, confirmed a major data breach on October 30, 2024 after a threat actor using the alias 'kzoldyck' published stolen data on dark-web forums following a failed two-week extortion negotiation. The bank stated that customer data had been exposed by an…
What data was exposed?▾
Verified fields include Email Address, Full Name, Phone Number, Physical Address, Social Security Number.
What should I do if I was affected?▾
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Sources & References
Every claim on this page is traceable. This breach draws on:
Breach Index
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Protect Yourself
Check If You're Affected
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
High-Risk? Get an Exposure Audit
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation