Share this article
Hackers Demand $1 Million in XRP After Bank Data Theft
Hackers who stole personal information on 90,000 Canadian bank users have demanded $1 million in Ripple's XRP to not release the data trove.
Updated Sep 13, 2021, 8:00 a.m. Published May 30, 2018, 2:15 p.m.
Hackers who stole information on thousands of Canadian bank users have demanded $1 million-worth of the cryptocurrency XRP to not release the data trove.
According to a CBC News report Tuesday, the two banks hit by the breach, Bank of Montreal and CIBC's online bank Simplii Financial, have said that the personal information of a total of 90,000 account holders had been taken – including identifying data such as names, account numbers, passwords.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
The thieves even claimed to have obtained security questions and answers, social insurance numbers and account balances, the report says.
An email sent by the hackers – reportedly from Russia – demanded a ransom of $1 million in XRP, a cryptocurrency developed by blockchain payments startup Ripple, saying they would release the data if it wasn't paid before the close of May 28. It is not clear if the $1 million demand was expected to be paid in a U.S. or Canadian dollar equivalent.
As proof that the breaches did indeed obtain the claimed customer data, the hackers provided information on one customer from each of the two banks.
The email further explained that the hackers had used an algorithm to create account numbers, which had then been used to pose as genuine account holders and get the related security questions reset by the banks. Security measures at the institutions also came under fire, with the message stating:
"They were giving too much permission to half-authenticated account which enabled us to grab all these information. ... [The bank] was not checking if a password was valid until the security question were input correctly."
CBC News said it had contacted both banks over whether any ransom had been paid. "Our practice is not to make payments to fraudsters," Bank of Montreal reportedly said, while Simplii did not directly answer the question.
Hacker image via Shutterstock
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Zcash Floats Dynamic Fee Plan to Ensure Users Won’t Be Priced Out
ZEC zoomed 12% amid the fee discussion, beating gains across all major tokens.
What to know:
- A new proposal by Shielded Labs suggests a dynamic fee market for Zcash to address rising transaction costs and network congestion.
- The proposed system uses a median fee per action observed over the prior 50 blocks, with a priority lane for high-demand periods.
- The changes aim to maintain Zcash's privacy features while avoiding complex protocol redesigns.
Top Stories
