A possible cyber hacking attempt at some of Mexico's financial institutions has resulted in large cash withdrawals at several banks, Bloomberg News reported, citing the country's central bank.
A Banco de México official said they have identified five financial institutions whose connections to the central bank's payment system, known as SPEI, were compromised. Through the exposure, money was illegally siphoned from "fake accounts" at the financial institutions and triggered several huge cash withdrawals from other banks, said Banco de México the central bank's head of operations.
In an earlier statement, Martinez said there was no money stolen from the possible hacking. This time, the official said only the central bank accounts of financial institutions had been affected, with no impact on clients.
Still, Martinez avoided calling the episodes a cyberattack, Reuters reported. "At this time, we cannot reject any hypothesis. It was something done on purpose, but how it was done, we are in the process of finding out," the official added.
Through the SPEI, the central bank provides a private, encrypted network in which users can electronically transfer money between deposit accounts. The SPEI itself was not compromised and the issue was observed through an internet application used by financial institutions to connect to the system, Martinez said.
The central bank is not part of investigations launched by the affected firms and the country's attorney general. The probe is looking into the possible involvement of organized criminals in the possible infiltration, Martinez said.
The official did not name companies impacted by the potential cyberattack, although Bloomberg previously reported that Grupo Financiero Banorte SAB de CV, Banco del Bajío SA Institución de Banca Múltiple and Banco Nacional del Ejército Fuerza Aérea y Armada SNC were some of those directly targeted by the cyber crime. Martinez also did not disclose the amount that was illegally transferred.
And while similar incidents were first observed at the end of April, instances were reportedly still detected as recently as this week, Martinez said.
The central bank official said they will ask banks to employ more stress tests so that they can use a backup connection to connect to the SPEI if a similar attempt should happen.
Banco del Bajío said in a statement that its SPEI system has not been hacked and neither the company nor its customers have been affected by cyberattacks on the bank, El Financiero reported.
