Hackers Leak Data from Swiss Bank that Rebuffed $12K Ransom Demand

Hacking group Rex Mundi claims it has dumped identifying details on about 30,000 clients of small Swiss bank Banque Cantonale de Geneve.

The financial firm declined to pay the group’s asking price for privacy: Ten. thousand. euros.

“The alleged hack and its seemingly small-scale demand -- $12,000 at current exchange rates -- speak to the prevalence and ease of a rapidly growing extortion industry that deals in stolen or hijacked data,” Bloomberg reports.

At around 6 p.m. central European time, Rex Mundi released a link that it said contained stolen emails with clients’ names, phone numbers and account numbers, as well as their e-mails with the bank.

Earlier in the day, Banque Cantonale de Geneve had said it “stands with its decision” to refuse the ransom demand.

Earlier this week, the hackers released a statement that included two stolen e-mails to establish credibility.

“If we do not get paid in the meantime, we will post the Banque Cantonale de Geneve #leak tonight on our website,” Rex Mundi said on Twitter earlier today. “We would like to wish a merry tax audit to all the non-Swiss account holders listed in the BCGE files.”

A later tweet from the account added: “It is easier to get 10 companies to pay 10K than to get 1 company to pay 100K.”

The Rex Mundi hackers are an organized part of a broader legion of online hijackers whose tools include ransomware, viruses that lock up home computers and require a payment from victims to release their data.

The group has been around for at least two years, and includes hackers from Germany, Austria, France and possibly the United States.

Banque Cantonale de Geneve, which is partly owned by the canton of Geneva, said in statements on its website that “little usable information” was stolen, and the data did not contain clients’ financial information. All affected customers are being contacted by their advisers, it said.