Ripple (XRP) appears as a potential getaway vehicle in a ransom standoff between hackers and two Canadian banks, Simplii and Bank of Montreal (BMO). The two banks reported that malicious hackers have gained access to personal information belonging to more than 90,000 customers.
The hackers demand a $1 million XRP payment or else they will disclose the stolen data. Releasing these details could lead to massive losses. Usually, hackers would use the information to access the accounts and steal the money. However, it seems they are taking a different route and do not want to leave a paper trail.
Recent reports reveal the stolen data includes account numbers, names, security questions, passwords and social insurance numbers. The hackers sent a letter on Monday warning the banks that they would share the data if the banks failed to comply with their demands. The letter appears Russian in origin.
The hackers also revealed that they managed to gain partial access to the databases of both banks by leveraging a common algorithm that was designed to authenticate insurance numbers and credit card numbers. It algorithm’s design was to validate non-lengthy numeric sequences. They also shared that they were able to use the algorithm to get the account numbers. Additionally, they were able gain account access by pretending they forgot the password to those accounts.
In the letter, the hackers revealed the banks were providing too much half-way authenticated account information.
The two banks released a statement saying that making payments to fraudsters is not part of their practice. They also want customers to know that serving and safeguarding them is their biggest commitment. This means the banks do not intend on fulfilling the hackers’ Ripple demands.
Meanwhile, some account holders at the two banks have revealed to CBC News that they were concerned about the matter. Some of them claim that the news is shocking and a cause for concern, because it means banking systems are not as secure as people think.