Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

Fintech Giant Finastra Investigating Data Breach (krebsonsecurity.com) 8

An anonymous reader quotes a report from KrebsOnSecurity: The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world's top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. London-based Finastra has offices in 42 countries and reported $1.9 billion in revenues last year. The company employs more than 7,000 people and serves approximately 8,100 financial institutions around the world. A major part of Finastra's day-to-day business involves processing huge volumes of digital files containing instructions for wire and bank transfers on behalf of its clients.

On November 8, 2024, Finastra notified financial institution customers that on Nov. 7 its security team detected suspicious activity on Finastra's internally hosted file transfer platform. Finastra also told customers that someone had begun selling large volumes of files allegedly stolen from its systems. "On November 8, a threat actor communicated on the dark web claiming to have data exfiltrated from this platform," reads Finastra's disclosure, a copy of which was shared by a source at one of the customer firms. "There is no direct impact on customer operations, our customers' systems, or Finastra's ability to serve our customers currently," the notice continued. "We have implemented an alternative secure file sharing platform to ensure continuity, and investigations are ongoing." But its notice to customers does indicate the intruder managed to extract or "exfiltrate" an unspecified volume of customer data.

This discussion has been archived. No new comments can be posted.

Fintech Giant Finastra Investigating Data Breach

Comments Filter:
  • I've never heard of Finastra before; when I first mis-read it, I though it said "Finasco."
    • by Njovich ( 553857 )

      Sounds about right. It's a company where banks can go with their tech needs and then Finastra charges them like it's an AAA solution, then asks an overworked cheap junior in India to make the 'solution'.

  • monitoring? Will they claim it's their clients responsibility if their identity is stolen?
    • by Slayer ( 6656 )

      They won't, but experts from Mandiant are already on premises and have created an Excel sheet to mitigate the attack. They said, that the attack was very very very very very sophisticated. Company management also offered thoughts and prayers to all affected parties of this incident.

  • We have implemented an alternative secure file sharing platform to ensure continuity

    What was the name of the original ‘secure file sharing platform’

    What was the name of this ‘alternative secure file sharing platform’
  • It is much more profitable long term to sit on the trade desk services and front run a boutique firm and their clients out fractions of their trading costs. If you know what JPMC is doing they will destroy you if you front run them, because the regulators love them. If you know what the average trader at robin hood is doing, your a data service vendor to JPMC and 50 other firms with trading operations that make a profit every day.
  • Hundreds of millions of wire transfers correlated with offshore accounts and traced by value over multiple hops could be very interesting and bring the sort of visibility the world's oligarchs really do not want into their finances.

Hackers are just a migratory lifeform with a tropism for computers.

Working...