What happened
On the night of February 15–16, A-Bank recorded one of the largest cyberattacks in its history: some customers noticed unauthorized debits from their accounts. The bank confirmed the incident in a statement and said it had refunded the affected customers.
What the bank says
"On the night of February 15–16 we suffered one of the most extensive hacker attacks. Some customers experienced unauthorized debits. This was a new attack previously unknown to the banking system. However, we can now say with confidence: we handled it, repelled it, and prevented similar attempts in the future."
— A-Bank press service
"None of our clients suffered financial losses."
— A-Bank press service
Threat context
A-Bank is among the top 20 Ukrainian banks by assets (UAH 45.8 billion as of January 1, 2026) and is owned by the family of Grigory and Ihor Surkis. The incident shows that even large institutions remain targets for sophisticated cyber operations. In November 2025 cybersecurity experts discovered new Android trojans BankBot-YNRK and DeliveryRAT, which disguise themselves as legitimate apps and steal financial data — part of a broader wave of attacks on online banking.
Why it matters to you
The issue is not only about refunding money — it is about trust in the payment infrastructure. When large banks register successful attacks, it heightens the risk of social panic, increased requests for withdrawals, and strain on the system. The practical takeaway for customers is simple: check your statements, enable two-factor authentication, respond to suspicious messages, and contact your bank at the first sign of a problem.
What regulators and banks should do
The expert community emphasizes the need for a transparent investigation of the incident, audits of cybersecurity, and public recommendations for protecting customers. This is not only a technical matter — it is an element of national resilience: the stability of the financial sector during the war and after it directly affects the country's economic security.
Conclusion
The bank reports that affected customers' balances have been restored, but the incident served as a signal: banks' digital security needs systemic investment and transparent communication with clients. Whether these demands will become the new norm for Ukrainian financial institutions is a question for regulators, banks, and citizens alike.
