Security News > 2023 > July > Deutsche Bank confirms provider breach exposed customer data
Deutsche Bank AG has confirmed to BleepingComputer that a data breach on one of its service providers has exposed its customers' data in a likely MOVEit Transfer data-theft attack.
The bank said that only a limited amount of personal data was exposed due to the security incident.
The number of impacted clients has not been determined, but Deutsche Bank said they have all been informed accordingly on the direct impact and what precautions they should take regarding their exposed data.
The bank is investigating the causes of the data leak and taking targeted action to improve its data security precautions to avoid similar incidents from impacting its clients in the future.
Deutsche Bank said that cybercriminals cannot gain access to accounts using the exposed data, but they might try to initiate unauthorized direct debits.
According to German media outlets, the security incident on the unnamed service provider used by Deutsche Bank also impacted other major banks and financial service providers, including Commerzbank, Postbank, Comdirect, and ING. Handelsblatt received a statement from Commerzbank confirming that the breached service provider is 'Majorel,' who also independently confirmed that it had been the target of a cyberattack leveraging a flaw in the MOVEit software.