1214 GMT March 28, 2020
Hackers sent hundreds of false orders to transfer funds from banks, including No. 2 Banorte, to fake accounts in other banks, and accomplices then emptied the accounts in cash withdrawals in scores of branch offices, two sources close to a Mexican government investigation of the matter said, presstv.com wrote.
One source said the thieves transferred more than 300 million pesos ($15.4 million) while the El Financiero newspaper reported that around 400 million pesos had been stolen.
It was not clear how much of the money transferred was later withdrawn in cash.
Speaking to reporters late on Monday, Mexico’s Central Bank Governor Alejandro Diaz de Leon described the attacks as unprecedented, expressing hope that unspecified measures being taken would stop similar future incidents.
“There’s no evidence that would allow us to say with certainty that this is over,” he said, adding “We’re taking corrective and mitigating action.”
Diaz de Leon declined to name the banks targeted or specify the amounts stolen. He said the central bank was still probing what had happened.
He later said in a radio interview that all the evidence — so far still partial — pointed to cyberattacks.
The central bank’s head of operations, Lorenza Martinez, said on Friday that five financial institutions were targeted with “unauthorized transfers.”
One source said cyber attackers might have received assistance from inside bank branches, since such big cash withdrawals were uncommon.
“In terms of the security of the bank’s offices, I think that is part of the analysis that each bank is doing,” Martinez said.
He stressed that clients’ accounts had not been affected so far and that only the accounts of financial institutions in the Central Bank had been hit.