An internal investigation is ongoing and a spokesman for UniCredit said no details could be disclosed on how the breach happened. Initial evidence of the incident emerged last Thursday and was confirmed at the weekend, prompting UniCredit to immediately inform all relevant authorities including the police, the company spokesman said.
The Italian police said separately they were carrying out checks in relation to the unauthorised access to the UniCredit file to see if any crimes had been committed. UniCredit has been victim in the past of two separate suspected hacker attacks which took place in September-October 2016 and June-July 2017, affecting 400,000 Italian customers.
Those attacks had been carried out via an external commercial partner which UniCredit did not identify, the bank said at the time. The spokesman said the latest incident was not in any way related to the previous episodes.