Customers of a bank in Liechtenstein are being blackmailed by hackers who are threatening to publish their account details or hand them over to financial authorities.

Valartis Bank (Liechtenstein) AG account holders started receiving emails last week demanding that they send 10 percent of their funds to a bitcoin address. “If you pay 10 percent of your current credit balance, the issue will be dropped without further consequences,” the email read. “We would love to remove you from the list. Just pay the demanded amount as soon as possible.”

Liechtenstein, a small landlocked country bordered by Austria and Switzerland, has long been considered a tax haven, meaning that the blackmailing hackers are presuming that account holders may have something to hide. It’s not clear how many customers have been targeted, but Valartis is said to hold €3.3 billion ($3.5 billion) in funds from customers in over 20 countries.

Bank officials confirmed that the accounts had been compromised, telling German media that the hackers had obtained information on payment orders that were processed on its e-banking system. In a sign that the hack may be old, the bank added that the information obtained only covered transactions prior to May 2013.

Valartis parent company Citychamp Watch & Jewellery Group Ltd. said in a statement that no account statements were obtained by the hackers, and no money has been taken from accounts. “The attacker did not obtain details of the account statement or asset data,” Chief Financial Officer Fong Chi Wah noted. “Possible affected customers have already been informed by the bank.”

The news that bank customers are being blackmailed is an interesting escalation in hacking at a time where ransomware is running rampant. What is perhaps more unusual is that customers are being targeted directly versus the bank itself, which is typical form for hackers who obtain information about customers from a company. As the Identity Theft Resource Center notes “seasoned hackers steal the personally identifiable information of a large number of customers, then blackmail the company with threats to release word of that hacking, sell the information, or use it themselves.”

Alternatively, perhaps the hackers did attempt to blackmail the bank at first without success and the bank hasn’t admitted to it. Reuters reports that shares in Citychamp’s Hong Kong-listed shares dropped as much as 12 percent in trade Tuesday morning after being suspended on Monday.

Image credit: St9191/Wikimedia Commons/CC 3.0