News and resources on cyber and physical threats to banks and fintechs worldwide.
Revolut breach exposes data of over 50,000 customers

Revolut breach exposes data of over 50,000 customers

Revolut has suffered a data breach that exposed personal details of about 50,000 customers worldwide.

Revolut notified the cyber attack to the Lithuanian State Data Protection Inspectorate, saying that access to its database was obtained through social engineering methods. The hackers who infiltrated the firm's systems lat last Sunday were identified and locked out by Monday 2am, dramatically limiting its impact.

All the same, the data of about 50,150 customers worldwide (20,687 of them in European Economic Area), such as names, addresses, e-mail addresses, telephone numbers, part of the payment card data and account details were ripped from its servers.

In a letter to customers affected by the hack that was posted on Reddit, Revolut states: "We recently received a highly targeted cyber attack from an unauthorised third party that may have gained access to some of your information for a short period of time. You do not need to take any action, however we wanted to let you know, and sincerely apologise for this incident."

Revolut states that all card data was hashed and that no PINs or passwords were accessed.

It continues: "Although your money is safe, you may be at increased risk of fraud. We recommend that you be especially vigilant for any suspicious activity, including suspicious emails, phone calls or messages."

One affected customers was unimpressed by Revolut's response, saying: "I contacted support and asked the which EXACT information of mine was stolen but they couldn't answer, all they did was giving me the same message of the email."

Revolut says the incident hit just 0.16% of its 20 million users worldwide.

Comments: (0)