New York-based securities lending platform EquiLend Holdings confirmed in data breach notification letters sent to employees that their data was stolen in a January ransomware attack.
The financial technology company told BleepingComputer on January 24 that it was forced to take some of its systems offline two days earlier, on January 22, to contain a breach.
While Equilend didn't immediately disclose the nature of the incident, LockBit ransomware claimed responsibility for the attack in a statement to Bloomberg.
Even though the fintech firm didn't confirm LockBit's claims, it revealed on February 2 via a dedicated page for sharing more information on the incident that the January breach resulted from a ransomware attack.
The company confirmed in breach notification letters recently delivered to Equilend employees that the unnamed attackers did steal their personally identifiable information.
Although no signs of fraudulent activity using the stolen info have been detected yet, Equilend is providing affected employees with two years of free identity theft protection services through Identity Theft Guard Solutions.
EquiLend was established in 2001 by a group of ten global banks and broker-dealers, which included Bank of America Merrill Lynch, BlackRock, Credit Suisse, Goldman Sachs, JP Morgan, Morgan Stanley, National Bank of Canada, Northern Trust, State Street, and UBS. It now has over 330 employees and offices in North America, EMEA, and Asia-Pacific, while its services are used by more than 190 firms worldwide, including agency lending banks, hedge funds, and broker-dealers.
Securities finance marketplace participants also use Equilend's Next Generation Trading multi-asset securities trading platform in transactions worth more than $2.4 trillion monthly.
Rhysida ransomware wants $3.6 million for children's stolen data.
LoanDepot cyberattack causes data breach for 16.6 million people.
Global fintech firm EquiLend offline after recent cyberattack.
MGM Resorts ransomware attack led to $100 million loss, data theft.
Switzerland: Play ransomware leaked 65,000 government documents.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 11 Mar 2024 19:25:07 +0000