Mexico established a one-day waiting period on electronic money transfers of over $2,500 in the wake of a hacking attack that may have taken as much as $20 million from several Mexican banks.
It was the latest in a string of embarrassments for the Mexican banking system, which has seen slowdowns in e-payment, debit card transactions and transfers since late April.
The head of the country’s central bank, Alejandro Diaz de Leon acknowledged late Monday that a “cyberattack” was involved in shadowy transfers of between $18 million and $20 million.
The central bank issued a memo Monday saying banks could opt to immediately pay out transfers for customers they know and trust, but would impose a one-day wait period for others.
The head of the country’s bankers’ association told local media Tuesday that the hackers had apparently duplicated valid settlement payments between banks, with one copy going to the intended recipient and the other going to account set up by hackers.
Few expected authorities to be so unprepared. Security breakdowns were first detected on April 27, but by Monday, authorities were still not sure how much had been taken. They said some of the fake transfers were caught before they could go through.
But it was also revealing that the central bank did not have a cybersecurity division until Tuesday, when one was created by decree.
Mexican depositors won’t be affected, but the banks themselves could take a hit on the missing money.