Bank of Valletta suspended all operations in wake of cyber attack

eBook: The DevOps Roadmap for Security - Tips and tools for bridging the security tribe into DevOps. Download →

Maltese Bank of Valletta (BOV) has been breached by hackers and has temporarily suspended all of its operations to minimize risk and review its systems.

Bank of Valletta cyber attack

The bank shuttered its braches across the island, disabled ATMs, internet and mobile banking and prevented its customers from using BOV cards for effecting payments in stores, hotels, restaurants, etc.

What is known about the attack?

According to Times of Malta, the attack was detected shortly after the start of business on Wednesday morning.

The hackers attempted to transfer €13 million into accounts with UK, US, Czech Republic and Hong Kong banks.

The money transfers were blocked within 30 minutes of when they were performed, but it’s still unconfirmed whether the attackers have or haven’t been able to get their hands on any of the money.

The bank reassured its clients that “customer accounts and their funds are in no way impacted or compromised” in the cyber-attack.

It also said that it is cooperating with local and international police authorities in the investigation of the attack, which apparently originated overseas.

Attack fallout

The total shutdown of BOV’s services lead to chaos especially at supermarkets, as they cater to a large daily number of customers and most of them usually pay via payment cards.

Adding to the chaos was the fact that the bank’s communication systems were down and shop owners couldn’t find out why the card don’t work for many hours.

On Thursday morning, the bank announced that it has called in external security consultants, has tested its IT systems and resumed some of its services during the night.

“Customers may now once again make use of BOV services through the Bank’s branch network across Malta and Gozo, ATMs, Internet Banking, Mobile Banking and by making use of their BOV cards when effecting purchases,” they bank stated.

“Payments to third parties is currently the only service not yet activated. Developments in this regard will be communicated through future press releases.”

BOV also urged its customers to be wary of any requests for their personal or account details and confirmed that they will never ask for customer details through social media, emails or telephone.