MOSCOW, October 7. /TASS/. Data on credit cards of 5,000 clients of Sberbank, a Russian major bank, were sold by a bank employee to a criminal group on the deep web in late September, but now there is no threat to the clients’ money, Sberbank said in press statement on Monday.
Earlier, the bank refuted reports that data had been leaked from 60 million credit cards, but confirmed the leakage of details on 200 credit cards. It also said it had completed an in-house investigation and exposed an employee who had attempted to steal the client data.
"It has been additionally found out that in late September the offending employee sold 5,000 accounts of credit cards issued by Sberbank’s Urals bank in several tranches to a criminal group on the deep web. Most of these cards are expired or blocked," the bank said, adding that it had reissued these cards and there were no threat to the clients’ funds.
"The bank’s in-house security service jointly with law enforcement agencies seized the stolen data," Sberbank said.
Following the incident, Sberbank CEO Herman Gref said that the bank was planning to "dramatically toughen" control of the employees’ access to the bank’s systems to minimize the effects of the human factor. In an interview with the Rossiya-1 television channel later, he described the leak of clients’ data as an "internal disloyalty" and said the employee behind it would face criminal charges.