AYA Bank has confirmed that certain non-financial information from an old application portal was exposed in a data leak, while assuring customers that its core banking systems remain secure and unaffected.

According to the bank, the incident involved limited information contained in an outdated application portal that was not connected to its Core Banking System, AYA Pay, Card System, or any other critical banking infrastructure. As a result, AYA Pay, AYA Internet Banking, and Mobile Banking services continue to operate normally and remain secure.

The statement was issued after the hacker group Lapsus claimed it had breached AYA Bank's computer systems, stolen data, and threatened to sell the information unless a ransom was paid within a specified deadline.

AYA Bank stressed that the compromised portal had no direct connection to its primary banking systems and that no other systems were affected. The bank also emphasized that customers' financial information remains completely safe and secure.

The bank apologized for any concern or inconvenience caused by the incident and said it is further strengthening its cyber security measures to enhance the protection of its systems and customer data.