The official Cayman Islands tourism website (opens in new tab) brags about the territory's stunning beaches, exotic wildlife and contemporary art museums. Yet, it's probably better known for the allegations of money laundering made against it by other governments, including that of the United States, which is what makes the claim that hackers published 2TB of the Cayman National bank's confidential data interesting.
A pseudonymous Twitter account called Distributed Denial of Secrets--a play on the distributed-denial of service attacks that can bring down even the largest websites-- said on Saturday (opens in new tab) that it was releasing "copies of the servers of Cayman National Bank and Trust." The account has also claimed to have released more information over the last few days and to have upgraded its servers to cope with traffic spikes.
Cayman National (opens in new tab) operates numerous branches in the Cayman Islands proper, Isle of Man and Dubai. Distributed Denial of Secrets claimed that it's "allegedly been used for money laundering by Russian oligarchs and others" as well, which is why it published the bank's confidential data. The goal appears to be giving people access to private information that could prove or disprove those allegations of wrongdoing.
Distributed Denial of Secrets said it didn't hack Cayman National itself. Instead, the data appears to have been stolen by someone called "Phineas Fisher," and its revelation was announced by HackBack alongside an explanation of Fisher's actions. A copy of the original statement can be found in the tweets discussing this leak and a report from Unicorn Riot (opens in new tab); a translated version was also shared to Pastebin (opens in new tab).
Cayman National doesn't appear to have acknowledged the alleged leak on its website or social media profiles. It does say on its website that it's requiring clients to share additional information "in connection with the regulations of the global financial industry," however, and that many of its services would be unavailable on November 17 because of "a major upgrade and maintenance programme."
The company also offered a helpful tip (opens in new tab) on its Facebook profile earlier today: "Refrain from accessing Online Banking through open and public access points, such as Internet cafes, public libraries, etc." That's a remarkably odd thing to share on Facebook while people on platforms like Twitter and Hacker News (opens in new tab) discuss a purported leak of terabytes' worth of private information.