07 December 2023

Data leak at Deutsche Bank and Postbank

According to a report dated 10 July 2023, data has been stolen from Deutsche Bank and Postbank. Both banks are currently informing their customers of the incident. Specifically, there appears to have been a cyber attack on an external service company that manages account changes for both banks. This service records account information for transmission to employers and other payment partners in the event of account changes.

Unidentified individuals were able to access customers' first names, surnames and IBANs from the service provider. It is not yet known how many records were stolen in total. Those affected are those who used the account switching service in 2016, 2017, 2018 and 2020. The cause of the data leak has been corrected, but problems occurred at more than 100 companies in 40 countries.

Deutsche Bank and Postbank customers are urged to check their account statements, as the account data can at least be used to place direct debit orders. In the event of misuse, the banks will refund the money. Unauthorised direct debits can be disputed for 13 months.