Cybersecurity Alert: Hackers Claim Breach of Major Colombian Banks, Leak Customer Data
Hackers have alleged a data breach affecting two of Colombia’s largest financial institutions, Grupo Bancolombia and Banco de Bogota, posting samples of purportedly stolen customer data on an underground forum. The claims, made by a single threat actor on DarkForums, remain unverified, but the leaked materials raise concerns about potential exposure.
For Bancolombia, the published data includes names, login timestamps, and limited client details in PDF format, such as adviser locations and insurance plans. While the absence of direct contact information may reduce immediate fraud risks, researchers warn that cross-referencing with other breached datasets could enable more sophisticated attacks, including social engineering and phishing campaigns.
In contrast, the Banco de Bogota samples appear more sensitive, containing around 30 records with names, phone numbers, and physical addresses, increasing the risk of targeted fraud. Neither bank has publicly responded to the claims, and independent verification of the breach is still pending.
The incident underscores the growing cybersecurity threats facing Latin American financial institutions, where large customer bases and expanding digital services create attractive targets. Bancolombia serves approximately 30 million clients across multiple countries, while Banco de Bogota has nearly 10 million customers and over 15,000 employees, highlighting the potential scale of impact if the breach is confirmed.
Bancolombia cybersecurity rating report: https://www.rankiteo.com/company/bancolombia
"id": "BAN1775716437",
"linkid": "bancolombia",
"type": "Breach",
"date": "4/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Banking',
'location': 'Colombia',
'name': 'Grupo Bancolombia',
'size': '30 million clients',
'type': 'Financial Institution'},
{'customers_affected': '30 records exposed',
'industry': 'Banking',
'location': 'Colombia',
'name': 'Banco de Bogota',
'size': '10 million customers, 15,000 employees',
'type': 'Financial Institution'}],
'data_breach': {'data_exfiltration': 'Yes (samples posted on underground '
'forum)',
'file_types_exposed': ['PDF'],
'number_of_records_exposed': '30 records (Banco de Bogota)',
'personally_identifiable_information': 'Yes (names, phone '
'numbers, physical '
'addresses)',
'sensitivity_of_data': 'High (for Banco de Bogota), Moderate '
'(for Bancolombia)',
'type_of_data_compromised': ['Names',
'Login timestamps',
'Client details (adviser '
'locations, insurance plans)',
'Phone numbers',
'Physical addresses']},
'description': 'Hackers have alleged a data breach affecting two of '
'Colombia’s largest financial institutions, Grupo Bancolombia '
'and Banco de Bogota, posting samples of purportedly stolen '
'customer data on an underground forum. The claims remain '
'unverified, but the leaked materials raise concerns about '
'potential exposure. For Bancolombia, the published data '
'includes names, login timestamps, and limited client details '
'in PDF format. For Banco de Bogota, the samples contain '
'names, phone numbers, and physical addresses.',
'impact': {'brand_reputation_impact': 'Potential impact due to unverified '
'breach claims',
'data_compromised': 'Customer data',
'identity_theft_risk': 'High (due to cross-referencing risks and '
'sensitive data exposure)'},
'investigation_status': 'Unverified, pending independent confirmation',
'references': [{'source': 'DarkForums'}],
'threat_actor': 'Single threat actor on DarkForums',
'title': 'Hackers Claim Breach of Major Colombian Banks, Leak Customer Data',
'type': 'Data Breach'}