Hackers have stolen the sensitive information on thousands of Canadian bank users from two top-ranked banks in Canada. Sensitive financial information like account numbers, DOB, and social security numbers of nearly 100,000 customers from Bank of Montreal (BMO) and online bank Simplii Financial owned and managed by Canadian Imperial Bank of Commerce (CIBC) have been stolen by hackers and they have threatened the Bank to release this information in public. Hackers demanded $1 million worth of XRP Cryptocurrencies.

How They Hacked the Information

Hackers sent an email in which they have explained how they have gained access to the more than 90,000 accounts because of the poor cybersecurity measures from the banks and they exploited the weakness in the security system of both of the banks. They used a very common mathematical algorithm which was designed to validate the short numerical sequences like social security numbers and credit cards. Then they used this algorithm to get account numbers, which allowed them to portray as authentic account holders who had simply forgotten their password. And this was enough information to get full access to the account by resetting all the security questions.

They were giving too much permission to half-authenticated account which enabled us to grab all these information, and the bank was not checking if a password was valid until the security question were input correctly. Part of the email by the hackers

Ransom Demanded

Hackers who stole information on thousands of Canadian bank users have demanded $1 million-worth of the cryptocurrency Ripple XRP. According to the sources, no payment has been made yet in this regard. And bank officials are saying that they are working with their cybersecurity team to protect their clients’ information. They also suggested their clients reset and change their passwords and security questions on a frequent basis.