02 September 2015

Santander denies online banking hack

19 April 2011  |  12901 views  |  0 biometric eye

Santander has denied that cybercrooks have hijacked the online banking login page of its Alliance & Leicester unit.

Alarm bells were sounded yesterday when an A&L customer took to technology and programming forums at Stack Overflow and Linode over security concerns with the site.

The customer says he was prompted with a SSL certificate warning for 'www.polycache.com' when attempting to log in to A&L Internet banking via FireFox 4.

Forum members worked to unravel the mystery and decipher the JavaScript. The issue was picked up by Finextra blogger Adam Nybäck who notes that it appeared that at the heart of the matter lies an injection which tries to look like an ordinary web analytics URL.

"It goes to a script at advanced-web-analytics.com which downloads another script from polycache.com which seems to hijack the login part of the site," says Nybäck.

However, Santander has told Finextra that the problem seems to be the result of a "technical failure" at a third party it taps for its online banking systems.

Says a spokesman: "This is currently being investigated further. However, Santander can confirm that neither its website nor the A&L website have been hacked and customer data has not been compromised."

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related stories

18 March, 2011
12 August, 2010
21 April, 2010
28 October, 2009
14 July, 2008

Related company news

 
Your browser is unable to support Flash files.

Top topics

Most viewed Most shared
Third of Brits expect day-to-day mobile pa...
7283 views comments | 36 tweets | 14 linkedin
SunGard system glitch causes havoc for BNY...
7200 views comments | 14 tweets | 12 linkedin
Kenya's NIC Bank links to Twitter and What...
6302 views comments | 27 tweets | 17 linkedin
Payments UK sets out vision for 'world cla...
6263 views comments | 17 tweets | 10 linkedin
HSBC glitch leaves thousands of customers...
5820 views comments | 13 tweets | 7 linkedin

Featured job

Basic £100K+ OTE £200K+
London

Find your next job