Italian bank UniCredit announced today that around three million of its customers in Italy have been affected by a data breach in 2015.

The Italian bank UniCredit announced today that around three million of its Italian clients have been affected by a data breach that took place in 2015,

The UniCredit cybersecurity team has determined that threat actors accessed a file created in 2015 and containing approximately three million records belonging to Italian clients.

“The UniCredit cyber security team has identified a data incident involving a file generated in 2015 containing a defined set of approximately 3 million records limited to the Italian perimeter,” read a statement issued by the bank.” “The records consist of names, city, telephone number and email only. Consequently no other personal data or any bank details permitting access to customer accounts or allowing for unauthorized transactions have been compromised.”

Italy’s largest bank UniCredit is pictured in downtown Milan September 12, 2013. REUTERS/Stefano Rellandini ( ITALY – Tags: BUSINESS) – RTX13ISW

The bank reported the incident to the authorities and launched an internal investigation.

“Italy’s biggest lender by assets said no bank details which would permit access to customer accounts or allow for unauthorized transactions had been compromised.” reported the Reuters.

“UniCredit immediately launched an internal investigation and has informed all the relevant authorities, including the police.” continues the statement

“The bank is contacting all potentially affected persons exclusively by post and-or online banking notifications. For any concerns, customers can contact the UniCredit customer services’ team or call toll free 800 323285”.

The bank announced to have invested additional funds to implements additional security measures and protect its systems.

“Since 2016, UniCredit has invested an additional 2.4 billion euros in upgrading and strengthening its IT systems and cyber security,” the bank said.

This is the last security incidet suffered by the bank in order of time, in July 2017 Unicredit disclosed two separate security breaches that exposed client data in September and October 2016, more than 400,000 Italian customers were impacted.

The attacks were carried out via an external commercial partner which UniCredit did not identify, the bank said at that time.

At the time, data of 400,000 loan applicants were exposed due to the hack of a partner.

Pierluigi Paganini