Finastra, one of the world’s biggest Fintech firms was subjected to a cyber attack earlier this month. The fintech company has now confirmed that it was a data breach and has begun investigations.
The data breach was uncovered after a hacker claimed responsibility for breaching Finastra’s internal file-transfer platform.
Finastra, a London-based firm has not yet disclosed the exact vulnerability exploited. However, Sofia Romano, the company’s spokesperson in a statement told TechCrunch that the firm detected “suspicious activity” related to an “internally hosted Secure File Transfer Platform (SFTP)” on November 7.
On November 8, 2024, the fintech giant informed its customers about the data breach. The cybercriminal claimed responsibility after the company found the data theft.
400 Gigabytes Worth of Data Theft
An anonymous user with the alias “abyss0” on BreachForum, a cyber crime community revealed on Nov 8 that they stole files belonging to some of Finastra’s largest banking clients.
Abyss0 hinted that they were interested in selling the data and mentioned that buyers should connect with them on Telegram.
According to KrebsonSecurity, the hacker allegedly carried out a large-scale the theft of information from its internal file transfer platform. The cybercriminal began selling over 400 gigabytes of data purportedly stolen from the company.
The fintech giant in disclosure copy stated that a threat actor communicated on the dark web claiming to have data exfiltrated from this platform.
“There is no direct impact on customer operations, our customers’ systems, or Finastra’s ability to serve our customers currently,” the statement added. “We have implemented an alternative secure file-sharing platform to ensure continuity, and investigations are ongoing.”
Read: Apple Confirms macOS Targeted in Zero-Day Vulnerability Cyber Attacks
Stolen Data Under Review
The breach involves a suspected compromise of Finastra's internally hosted Secure File Transfer Platform (SFTP), which is used for transferring files securely.
The stolen data is claimed to be linked to IBM Aspera, a software used by Finastra for transferring large files.
“At this time, as a priority, we are also curating a list of the customers potentially affected and are currently reviewing all information,” the fintech firm stated in its incident summary statement.
“Should we determine that files associated with your organization were exfiltrated, we will notify,” the firm said.
While Finastra confirmed the exfiltration of data from its systems but declined to name the compromised platform or specify the data accessed.
Read: Chinese Espionage Hackers Allegedly Stole Sensitive Data From Fortinet
Read: Hackers Target Black Friday with Phishing Sites, Steal Credit Cards
