Data on about 3,000
The data went on sale on April 19 and contained what the hacker said was information on UniCredit workers, including emails, phone numbers, encrypted passwords and names, Telsy, a unit of
“The database appears to be genuine and the potential result of a SQL injection attack,” Telsy wrote. A SQL injection is a malicious code-insertion technique used to attack applications.
UniCredit said it was investigating the matter and is contacting “relevant authorities.” ...