Revolut security breach: data of +50,000 users exposed

Revolut has suffered a cyberattack, threat actors have had access to personal information of tens of thousands of customers.

The financial technology company Revolut suffered a ‘highly targeted’ cyberattack over the weekend, threat actors had access to the personal information of 0.16% of its customers (approximately 50,000 users).

The company states that it has already contacted the impacted customers

“We have contacted the impacted individuals by email with further information regarding the types of data that may have been exposed. […] We take incidents such as these incredibly seriously, and we would like to sincerely apologise to any customers who have been affected by this incident as the safety of our customers and their data is our top priority at Revolut.” reads the statement issued by Revolut. “We immediately identified and isolated the attack to drastically limit its impact and have contacted those customers affected. Customers who have not received an email have not been impacted.”

The Lithuanian State Data Protection Inspectorate has started an investigation into the security breach, according to preliminary data, threat actors had access to the Revolut database through the use of social engineering techniques.

Upon discovering the intrusion, the security team promptly locked out the threat.

The authority confirmed that the data of 50,150 customers around the world (including 20,687 in the European Economic Area) were compromised. Exposed data include names, addresses, emails, postal addresses, telephone numbers, part of the payment card data (according to the information provided by the company, the card numbers were masked), account data, etc. The attackers did not access the users’ funds.

Revolut points out that it will not call or send SMS messages to its users or ask for login data or access codes due to the security breach, and warns users to be vigilant about phishing attacks.

BleepingComputer first reported that some Revolut customers claim that around the time of the incident the support chat was defaced by displaying inappropriate language to visitors.

(SecurityAffairs – hacking, data breach)

Read the full article here

Hosted by
News Room

Cybervizer is a blog and podcast site that focuses on the latest technology and cybersecurity topics that are impacting enterprises, both small and large. Join us to explore the most important trends in enterprise technology and cybersecurity today. Get true insights into the tech and trends that will impact you and your organization.

Sign Up for Our Morning Boot Cybersecurity Newsletter

Sponsored Ad

Cybervizer Recommended Book