Europe's fifth largest bank leaks sensitive information online

Santander, the fifth largest bank in Europe and the 16th largest in the world, has been leaking sensitive company data due to a misconfiguration on one of its websites. Security analysts at CyberNews discovered that Santander's Belgian branch, Santander Consumer Bank, had a misconfiguration in its blog domain that allowed for its files to be indexed. The indexed files include an SQL dump and a JSON file that could be used by hackers to launch phishing attacks. The JSON file contained Santander's Cloudfront API keys. By getting these keys, hackers are able to swap out Santander’s real content -- images,… [Continue Reading]