Bad information for Polish clients of banks. A dangerous data leak from Alior, MBank and Santander

On the open Docer.pl website, files containing sensitive information of clients of Polish banks have been revealed. Among the documents made available, there were lists of banking operations, surnames and addresses of customers, including mBank, Alior Bank and Santander. Experts from Dziecznik.pl suggest that the source of the leak could be a credit intermediary, although the exact cause remains unknown.

How did the leakage happen?

According to the available information, some of the files have been on the website since 2023, but their number increased significantly at the beginning of 2024. It is possible that the responsibility for the publication is borne by the financial institution or its external partner serving loans.

Bank reaction to data leakage

Banks whose customers have been disclosed have taken explanatory actions. Santander Bank Polska emphasized that the documents were not available by the bank and are analyzed. Alior Bank pointed out that the leakage does not result from the error of the bank’s employees or violated its infrastructure. At the same time, it was assured that banks apply the highest data protection standards and report the case to the Office for Personal Data Protection.

How to check if your data has leaked?

People who are afraid of their safety can check their own data on the web. Just use the Google search engine by entering:

site:docer.pl (imię i nazwisko)

This allows you to find documents that could already be removed, but are still indexed by search engines.

What threats does this leak bring?

Providing such data as full statements of bank operations, customer addresses and personal data may lead to:

• identity theft,
• financial fraud and attempts to extort loans,
• phishing attacks,
• abuse in access to bank accounts.

Anyone whose data may have leaked should be particularly cautious about suspicious emails, SMSs or phones impersonating banks.

What next?

The administration of the Docer.pl website has taken actions to delete files, but the question remains how many people managed to download them before the intervention. Experts recommend changing bank slogans and enabling additional security, such as two -stage authentication.

The leakage of data from clients of Polish banks is a serious threat that can lead to theft of identity and financial fraud. People who suspect that their data may have been among the disclosed documents should immediately take security steps, including the bank and track the activity of their account.