Finastra, a prominent player in the global fintech landscape that caters to 45 of the top 50 banks worldwide, has recently acknowledged a significant data breach that has affected its internal file transfer system. The breach was identified on November 7, revealing that the Secure File Transfer Platform (SFTP) had been compromised through the use of stolen credentials, allowing unauthorized access to sensitive information.
The perpetrator, operating under the alias “abyss0,” took to BreachForums to peddle the stolen data, initially setting a price of $20,000, which was later slashed to $10,000 in an apparent attempt to attract buyers.
The breach resulted in the theft of around 400 gigabytes of compressed data, which included not only sensitive client information but also internal documents critical to Finastra’s operations. In response to this incident, Finastra acted swiftly by replacing the compromised file-sharing system, promptly notifying affected clients within a 24-hour window, and launching a comprehensive investigation into the nature and extent of the stolen data.
- Breach Detection: Finastra detected suspicious activity on November 7, 2024, within its internally hosted Secure File Transfer Platform (SFTP).
- Attacker’s Actions: The cybercriminal, known as “abyss0,” advertised the stolen data on BreachForums, initially priced at $20,000, later reduced to $10,000.
- Compromised Data: Approximately 400 gigabytes of compressed information were stolen, including sensitive client data and internal documents.
- Investigation: Finastra is working to determine which customers were affected and is analyzing the data to identify the extent of the compromise.
Scope of the Compromised Data
- Client Data: Files containing sensitive information from major banking clients, which may include transaction details and financial records.
- Internal Documents: Confidential materials related to Finastra’s operations and services.
Finastra’s Response
- New File-Sharing Platform: The company replaced the compromised file-sharing system with an alternative, reportedly secure platform.
- Notification Within 24 Hours: Finastra notified impacted clients within 24 hours of detecting the breach.
- Direct Engagement by the Chief Information Security Officer: The company’s Chief Information Security Officer took an active role in coordinating with clients’ security teams.
- Analysis of Compromised Data: Finastra initiated a detailed review of the stolen data to identify affected clients and determine the extent of the compromise.
Investigation and Ongoing Efforts
- Investigation: Finastra is working to determine which customers were affected and is analyzing the data to identify the extent of the compromise.
- Security Enhancements: The company is reviewing its authentication protocols and enhancing the security of its SFTP system.


