Cyber Incident Victim: Banco del Estado de Chile

On May 24, 2018, Banco de Chile (Bank of Chile) disconnected approximately 9,000 computers across its branch network after detecting a virus deployed by hackers. This action was taken as a protective measure to safeguard customer accounts after the malicious software triggered security alerts. While the bank focused on containing this apparent threat, attackers simultaneously executed a separate scheme using the SWIFT global banking messaging system to initiate unauthorized international transfers. These fraudulent transactions remained undetected initially, allowing millions to be transferred out of the bank before security teams identified and canceled the transfers. Forensic analysis conducted by Microsoft determined the attack originated from a sophisticated international hacking group, with investigators attributing likely origins to Eastern Europe or Asia based on technical evidence. The bank confirmed $10 million was stolen, with most funds routed to accounts in Hong Kong.

The cyberattack caused Banco de Chile’s shares to decline by 0.47% to 100.4 Chilean pesos in mid-day trading on June 11, 2018, following public disclosure of the incident. CEO Eduardo Ebensperger emphasized that no client accounts were compromised, stating the attackers targeted institutional funds rather than customer assets. The bank filed a criminal complaint in Hong Kong to pursue legal recourse regarding the stolen funds. In its May financial statement, Banco de Chile indicated it would collaborate with insurers to recover financial losses from the heist. Ebensperger characterized the incident as an attempt to damage the bank directly, noting the distraction virus and SWIFT fraud demonstrated coordinated tactics to bypass security protocols during the operational disruption.