Over the weekend, the financial technology company Revolut was the victim of a “highly targeted” cyberattack in which threat actors gained access to the personal data of 0.16% of its users (approximately 50,000 users).
The business claims to have already spoken with the affected customers.
A cyberattack on Revolut resulted in unauthorised access to the personal data of tens of thousands of customers.
The incident was “highly targeted” and happened a week ago on a Sunday night.
Revolut, a financial technology company founded in 2015, has experienced rapid expansion and now provides banking, money management, and investment services to clients around the globe.
A spokesperson for BleepingComputer said in a statement that only 0.16% of its customers’ information was “temporarily” accessed by an unauthorised party.
“We swiftly recognised the attack, isolated it to effectively lessen its effects, and contacted the impacted customers. No harm has come to customers who have not received an email.” – Revolut
50,150 customers have reportedly been impacted, according to the breach disclosure to the State Data Protection Inspectorate in Lithuania, where Revolut has a banking licence.
Revolut provided the information used by the agency, which stated that 379 Lithuanian citizens are the only ones who may be affected by this incident out of 20,687 affected customers in the European Economic Area.
Although specifics about how the threat actor got access to the database have not been made public, it seems the attacker used social engineering.
The following types of information are probably exposed, according to the Lithuanian data protection agency:
Email accounts
Complete names
Mailing addresses
Telephones
Minimal credit card information
Financial info
Revolut claims that the type of compromised personal data varies for various customers in a message to an affected customer. Passwords, PINs, or card information were not accessed.
Revolut stresses that the hacker was unable to access any user funds.
“As always, the money of our customers is secure. All customers may use their cards and accounts normally going forward “According to a company representative, BleepingComputer.
As a result of the company’s quick response to the intrusion, the risk to its customers was greatly reduced, and the attack was isolated by early Monday (2 A.M.).
Revolut established a specialised team with the responsibility of keeping an eye on customer accounts as a precaution to ensure the security of both money and data.
Users should be “extremely wary” of any messages asking for passwords or personal information. Customers won’t be contacted by Revolut to discuss the incident, and the company never requests sensitive information.
Here is the complete statement a Revolut spokesperson provided to BleepingComputer:
Recently, Revolut was the target of a very deliberate cyberattack. As a result, a small percentage (0.16%) of our customers’ information was briefly accessed by an unauthorised third party.
We swiftly recognised the attack, isolated it to effectively lessen its effects, and contacted the impacted customers. No impact has been felt by customers who have not received an email.
No money has been accessed or taken, to be clear. As always, the money of our customers is secure. All clients may continue to make regular card and account purchases.
The safety of our customers and their data is our top priority at Revolut, so we take incidents like these very seriously and would like to sincerely apologise to any customers who have been impacted by this incident.
Around the time of the incident, some Revolut users also noticed that the support chat was displaying offensive language to visitors.
Although it’s unclear whether this defacement is connected to the breach revealed by Revolut, it demonstrates that hackers might have had access to more of the company’s systems than previously thought.
Revolut apologised to the customers who reported receiving these messages but did not explain how or why they did so. It did, however, say that it was “addressing the issue and are taking steps to ensure this does not happen again.”
“impacted individuals by email with further information regarding the types of data that may have been exposed. […] We take incidents such as these incredibly seriously, and we would like to sincerely apologise to any customers who have been affected by this incident as the safety of our customers and their data is our top priority at Revolut.” reads the statement issued by Revolut. “We immediately identified and isolated the attack to drastically limit its impact and have contacted those customers affected. Customers who have not received an email have not been impacted.”
According to early findings, threat actors gained access to the Revolut database by using social engineering techniques, and the Lithuanian State Data Protection Inspectorate has begun an investigation.
The security team immediately locked out the threat after learning about the intrusion.
The authority acknowledged that 50,150 customers’ data were compromised, including 20,687 from the European Economic Area. Names, addresses, emails, postal addresses, phone numbers, part of payment card data (according to information provided by the company, the card numbers were masking), account information, etc. are among the data that were exposed. Attackers were unable to get access to the users’ money.
Revolut warns users to be cautious about phishing attacks and notes that due to the security breach, it will not call or send SMS messages to its users or request login information or access codes.
Phishers profit from this.
Phishing scammers can use this security incident to trick any Revolut customer, even those who were unaffected, into disclosing their personal information.
An ongoing SMS phishing campaign is attempting to deceive Revolut account holders by falsely claiming that their current card has been frozen to prevent fraud, as discovered by UCL’s “Report Smishing” platform.
The victims are instructed to click on the link “revolut-card-cancel[.]com” where they will go through a four-step phishing process as illustrated below in order to request a new card.
Most importantly, the threat actors try to steal complete payment card information so they can make online purchases or transfer money to accounts they control.
Some Revolut customers claim that, around the time of the incident, the support chat was defaced by showing visitors language that was inappropriate. This was first reported by BleepingComputer.