The bank said the breach affected a 2015 file that had client emails and phone numbers in it, but no information that would allow for unauthorized access or unauthorized transactions.
UniCredit’s announcement marks the bank’s third security incident in recent years and follows a cybersecurity and information-technology upgrade that has cost 2.4 billion euros since 2016.