We are aware that during the incident on October 7, some "Inbank" customers received SMS messages with suspicious links. An investigation revealed that these fraudulent SMS messages were sent through one of our service provider's systems, which was accessed via unauthorized login. During this incident, some of our customers' personal data, specifically phone numbers, were accessed. In some cases, in addition to the phone number, the person's first name (without the surname) or contract number may have also been disclosed. No other sensitive personal data were exposed during the incident, and "Inbank" systems were not compromised.
We immediately reported this incident to the National Cyber Security Center (NKSC), which blocked the links provided in the messages on the same day. All information related to the incident has already been submitted to the State Data Protection Inspectorate (VDAI).
The security of our customers' information is our top priority. We have implemented additional security measures to ensure that such incidents do not occur in the future. Unfortunately, fraudsters are becoming increasingly sophisticated and continually finding new ways to deceive users.
If you receive a suspicious message, we strongly advise customers not to respond or click on any suspicious links. The best course of action is to delete the message immediately to avoid accidentally clicking the link. It is important to remain cautious when receiving messages and to carefully verify any facts or links. If in doubt, we encourage customers to contact "Inbank" directly by phone or email.
We apologize for the inconvenience caused.
