| Recurring |
unknown |
(a) The software failure incident having happened again at one_organization:
The article does not mention any previous incidents of a similar nature happening again within BancoEstado or with its products and services. Therefore, there is no information available to suggest that this specific software failure incident has occurred before at BancoEstado.
(b) The software failure incident having happened again at multiple_organization:
The article does not provide any information indicating that a similar incident has happened before at other organizations or with their products and services. Thus, there is no evidence in the article to suggest that this software failure incident has occurred at multiple organizations. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident in Article 105469 was related to the design phase, as it was caused by a malicious software detected over the weekend that impacted the operations of BancoEstado in Chile. The incident was attributed to a third-party action through a malicious software, indicating a failure due to contributing factors introduced by system development or updates [105469].
(b) Additionally, the incident also had an impact on the operation of the bank, affecting payments and transactions of the State that are conducted through BancoEstado. This aspect points towards a failure due to contributing factors introduced by the operation or misuse of the system [105469]. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) The software failure incident at BancoEstado in Chile was caused by a malicious third-party action through a malicious software. The incident originated from within the system, affecting the bank's operations and leading to the closure of branches. The bank clarified that customer accounts and the entity's assets were not compromised, indicating that the failure was within the system [105469].
(b) The impact of the software failure incident extended beyond BancoEstado's operations to affect payments and transactions of the State, which are conducted through the bank. This external impact on government transactions highlights that the failure had consequences outside the system of the bank [105469]. |
| Nature (Human/Non-human) |
non-human_actions |
(a) The software failure incident occurred due to non-human_actions, specifically through the detection of a malicious software by third parties at BancoEstado de Chile [105469]. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident reported in Article 105469 was due to a malicious software detected at BancoEstado de Chile, indicating that the contributing factor originated in software [105469]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident reported in Article 105469 was malicious. The BancoEstado branches in Chile closed due to the detection of third-party action through malicious software over the weekend. The entity made it clear that accounts of customers and the entity's assets were not compromised, but efforts were being made to contain and reverse the malicious action aimed at affecting the daily activities of millions of Chileans using BancoEstado [105469]. |
| Intent (Poor/Accidental Decisions) |
unknown |
(a) The software failure incident at BancoEstado in Chile was caused by a malicious action of third parties through a malicious software. This indicates that the incident was not due to accidental decisions but rather a deliberate act by external actors [105469]. |
| Capability (Incompetence/Accidental) |
development_incompetence |
(a) The software failure incident reported in Article 105469 was due to a malicious action by third parties through malicious software. This indicates a potential case of development incompetence, as the software vulnerability may have been exploited due to a lack of professional competence in ensuring robust security measures were in place to prevent such attacks [105469].
(b) The incident does not provide specific information indicating that the software failure was accidental. |
| Duration |
temporary |
The software failure incident reported in Article 105469 was temporary. The incident involved the closure of BancoEstado branches in Chile due to the detection of third-party action through malicious software. The bank clarified that customer accounts and the entity's assets were not compromised. Efforts were being made to contain and reverse the malicious action, with work ongoing to restore affected operating systems and ensure the functionality of digital channels, applications, and the website. As mentioned, some branches had already been reactivated for certain transactions like deposits and withdrawals, indicating a temporary disruption rather than a permanent one [105469]. |
| Behaviour |
other |
(a) crash: The software failure incident in the BancoEstado of Chile involved the closure of branches after the detection of a malicious software action by third parties. The incident led to the shutdown of branches, impacting payments and transactions of the State that are processed through the bank. The bank clarified that customer accounts and the entity's assets were not compromised, but efforts were being made to contain and reverse the malicious action [105469].
(f) other: The software failure incident involved a malicious software action by third parties targeting BancoEstado, leading to the closure of branches. The incident did not compromise customer accounts or the entity's assets, but it affected the daily operations of millions of Chileans who use BancoEstado. Efforts were being made to restore the affected operating systems and ensure the functionality of digital channels, applications, and the website [105469]. |