The Bank of México (Banxico) raised the security alert level in its payment system to red yesterday after multinational insurance company AXA reported a cyberattack.
The central bank said in a statement issued at 10:00pm that all security protocols had been activated to minimize potential risks.
In light of the “inconsistencies” reported by AXA, Banxico said that as a precautionary measure some non-banking users of its electronic interbank payment system, known as the SPEI, “will operate through an alternative mechanism.”
AXA said in a separate statement last night that it had detected a cyberattack on its connection to the SPEI but declared that no funds were lost and no client data was compromised.
“From the first moment we detected this incident with the SPEI, we notified the Bank of México and implemented different actions to further strengthen and guarantee our security processes,” the company said.
It added that its personnel are working with authorities to quickly solve the issue.
Mario Di Costanzo, head of the financial consumer protection agency Condusef, said that no other organizations have reported being targeted, adding that the payment systems of entities transferred to the alternative payment system are being monitored.
Banxico governor Alejandro Díaz de León said in May that a cyberattack in April that tapped into payment system connections cost five financial institutions 300 million pesos (US $15.3 million).
The “unauthorized transfers originated in the system that connects the institutions to the [Banxico] payment system” rather than in the SPEI itself, the former head of the Bank of México’s payment system explained.
Source: El Economista (sp), El Financiero (sp)