Fintech companies suffer from data breaches

A smartphone showing the Revolut app

Revolut suffered a cyber security nightmare this month when a recent data breach affected 50,000 customers worldwide.

The financial technology company, best known for its banking app of the same name, has seen the personal data of these users exposed. The leaked information includes details such as names, email addresses, phone numbers and parts of payment card data. This was then followed by phishing attacks which were most likely an attempt to exploit the cyber security issue.

Indications of a cyber attack

Users of the fintech company’s app reportedly began receiving “inappropriate wording via chat” on the 11th.th September, which was the first indication of a data breach. Over the next few days, some Revolut customers were informed by email that their accounts were affected by a cyber attack by “an unauthorized third party”.

A total of 50,150 Revolut users were affected globally, with just over 20,000 of these based in Europe, and they have been notified that their data may have been compromised.

The cyber security breach was announced after Revolut informed Lithuania’s State Data Protection Inspectorate, as the fintech company operates as a registered bank in the country. It claimed that Revolut Bank was hit by a data breach and that access to the stored information was gained through social engineering methods.

What was Revolut’s reaction to the data breach?

While the cybersecurity blunder is sure to attract some negative headlines for the fintech giant, the real damage to the company and customers should be minimal. Fortunately, the hackers who gained access to the Revolut database were locked out again after just a few hours, which significantly limited the severity of the cyber attack.

In fact, Revolut itself claims that the data breach has only affected 0.16% of its total of 20 million users worldwide. It should also be noted that it only compromised personal information, rather than financial or online security data. This means the attacks did not gain access to funds stored on the app, credit card details, passwords or PINs. The closest that was revealed was partial card details, as the rest was “masked” and uncompromised.

Still, the company issued an apology for the cyber security attack and warned users to be vigilant as some may be at increased risk of fraud. The fact that SMS phishing attacks began targeting all Revolut users just days after the data breach underscores the need for their customers to stay secure online.

Discover the latest cyber security news here.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *