Fintech giant Finastra notifies victims of October data breach

While Finastra has yet to share the number of individuals affected by the data breach and the nature of the exposed data (besides victims' names), the company started sending breach notification letters last week to at least 65 people in the state whose financial account information was stolen (according to filings with the Attorney General's office in Massachusetts). Financial technology giant Finastra is notifying victims of a data breach after their personal information was stolen by unknown attackers who first breached its systems in October 2024. Although Finastra disclosed very limited information in filings with Attorney General offices, the breach is believed to be linked to a (now-deleted) post made by a threat actor known as "abyss0" on the BreachForums online cybercrime community claiming to sell 400GB of data allegedly stolen from Finastra's network. When BleepingComputer asked about the forum post in November, a Finastra spokesperson would neither confirm nor deny if the data belonged to the company, only saying that they had suffered a limited-scope security breach and were evaluating its impact. "On November 7, 2024 Finastra's Security Operations Center (SOC) detected suspicious activity related to an internally hosted Secure File Transfer Platform (SFTP) we use to send files to certain customers," Finastra told BleepingComputer. As the company warned in breach notification letters sent to those impacted by the breach, the security incident was first detected on November 7 after Finastra identified malicious activity on some of its systems. While the company didn't share how the attackers gained access to its systems, cyber threat intelligence firm Bad Packets found that Finastra had multiple Pulse Secure VPN and Citrix ADC (NetScaler) unpatched servers before the attack. A Finastra spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today to provide more details on the October 2024 data breach.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 17 Feb 2025 15:30:05 +0000

Cyber News related to Fintech giant Finastra notifies victims of October data breach

Fintech giant Finastra notifies victims of October data breach - While Finastra has yet to share the number of individuals affected by the data breach and the nature of the exposed data (besides victims' names), the company started sending breach notification letters last week to at least 65 people in the state ...
2 days ago Bleepingcomputer.com

Digital Transformation in the Financial Industry: The Role of Fintech - Fintech companies are providing innovative solutions to help customers save money and manage risk more effectively than ever before; they're also fueling innovation within traditional banks themselves by creating new products based on customer ...
1 year ago Hackread.com

Unleashing the Power of AI - Welcome to the next article in our series on mastering API integration, specifically tailored for the fintech industry. As product managers, understanding and harnessing AI in fintech API management is essential for optimizing operations, enhancing ...
1 year ago Feeds.dzone.com

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
4 months ago Aws.amazon.com

Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
1 year ago Securityboulevard.com

Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
1 year ago Securityzap.com

Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
1 year ago Bleepingcomputer.com

AvidXchange Notifies Consumers of Data Breach Following Period of Unauthorized Access - On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company's IT network. In ...
1 year ago Jdsupra.com

Dakota Eye Institute Files Notice of Data Breach Affecting More Than 107k Individuals - On October 23, 2023, the Dakota Eye Institute filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that patients' personal information was compromised following a cyberattack. ...
1 year ago Jdsupra.com

Crum & Forster Notifies Nearly 14k Consumers of Recent Data Breach Leaking Their SSNs - On October 9, 2023, Crum & Forster filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access the company's computer network. In this notice, Crum & Forster explains that the ...
1 year ago Jdsupra.com

Virginia Farm Bureau Notifies 261,187 of October 2022 Data Breach - On February 15, 2024, Virginia Farm Bureau filed a notice of data breach with the Attorney General of Maine after the company's IT system was targeted in a ransomware attack. In this notice, VFB explains that the incident resulted in an unauthorized ...
1 year ago Jdsupra.com

Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
1 year ago Jdsupra.com

Evolve Bank data breach impacted fintech firms Wise and Affirm - MUST READ. Evolve Bank data breach impacted fintech firms Wise and Affirm. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
7 months ago Securityaffairs.com

Texas Retina Associates Notifies Nearly 300k People of Recent Data Breach - On June 26, 2024, Texas Retina Associates filed a notice of data breach with the Attorney General of Texas after discovering that confidential information that had been entrusted to the company was subject to unauthorized access. In this notice, ...
7 months ago Jdsupra.com

Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
1 year ago Bleepingcomputer.com

Delta Dental of California data breach exposed info of 7 million people - Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider ...
1 year ago Bleepingcomputer.com

PennyMac Files Notice of Data Breach That Leaked Thousands of SSNs - On October 19, 2023, PennyMac Loan Services LLC filed a notice of data breach with the Attorney General of Texas after discovering that unauthorized actors were able to access information that had been entrusted to the company. In this notice, ...
1 year ago Jdsupra.com

Akumin Files Notice of Data Breach with the Securities and Exchange Commission - On October 16, 2023, Akumin Inc. filed a notice of data breach with the Securities and Exchange Commission after discovering that it had been the recent victim of a ransomware attack. In this notice, Akumin explains that the incident resulted in an ...
1 year ago Jdsupra.com

Comcast Xfinity Reports Data Breach Exposing Info About 35M Customers - PRESS RELEASE. MARLTON, N.J., Dec. 19, 2023 /PRNewswire/ - Approximately 35 million consumers are being notified that their confidential information was compromised due to a vulnerability in software created by Citrix and used by Xfinity. The data ...
1 year ago Darkreading.com

Goto Customers Backup Data Breach: Protect Your Business and Handle Data Breach Risks - A data breach at Goto customers exposed their backup data to malicious actors, leading to a data breach that impacted those customers. Businesses need to be aware of the risks associated with data breaches and how to protect their organisations from ...
2 years ago Securityaffairs.com

Console & Associates, P.C.: ESO Solutions Notifies 2.7M of Data Breach - PRESS RELEASE. MARLTON, N.J., Dec. 20, 2023 /PRNewswire/ - Approximately 2.7 million patients are being notified that their Social Security numbers and other confidential information were compromised when an unauthorized party gained access to ESO ...
1 year ago Darkreading.com

DNA testing: What happens if your genetic data is hacked? - The personal information of millions of people who sent swabs of their DNA to consumer testing services have been leaked in high profile hacks in recent years, leading to questions about how secure that genetic data is. In autumn 2023, a hacker ...
1 year ago Packetstormsecurity.com

Longhorn Imaging Center Files Notice of Data Breach Affecting Patients' Sensitive Medical Information - On October 25, 2023, South Austin Health Imaging LLC dba Longhorn Imaging Center filed a notice of data breach with the Attorney General of Texas after discovering that confidential information in the company's possession was subject to unauthorized ...
1 year ago Jdsupra.com

How Can Data Breach Be A Trouble For Your Industry? - To navigate an era of cyber risks, this unsettling reality necessitates a renewed focus on data integrity protection and digital asset protection. In this blog, we will discuss a data breach in the Hospitality industry. Some of the companies like MGM ...
1 year ago Securityboulevard.com

23andMe Faces Legal Backlash Over Data Breach and Blames Victims - Facing a deluge of more than 30 lawsuits from individuals impacted by a substantial data breach, genomics company 23andMe has taken a defensive stance by placing responsibility on the victims themselves. The breach came to light in October when ...
1 year ago Cysecurity.news

Latest Cyber News

Fedora Linux Kernel Vulnerability Let Attackers Gain Access to Sensitive Data - 19 minutes ago
Multiple NVIDIA CUDA Toolkit Vulnerabilities Let Attackers Trigger DoS - 34 minutes ago
Microsoft Power Pages 0-Day Vulnerability Exploited in the Wild - 1 hour ago
APT-C-28 Group Launched New Cyber Attack With Fileless RokRat Malware - 1 hour ago
Microsoft Admin Guide to Block & Remove Apps on Endpoints - 1 hour ago
AWS Key Hunter - A Free Automated Tool to Detect Exposed AWS keys - 1 hour ago
Symantec Diagnostic Tool Vulnerability Let Attackers Escalate Privileges - 2 hours ago
NSA Added New Features to Supercharge Ghidra 11.3 - 2 hours ago
New NailaoLocker ransomware used against EU healthcare orgs - 2 hours ago
Ghost Ransomware Compromised Organisations Across 70+ Countries - 2 hours ago
Windows Disk Cleanup Tool Vulnerability Exploited to Gain SYSTEM Privileges - 6 hours ago
Citrix NetScaler Vulnerability Allows Unauthorized Command Execution - 8 hours ago
Australian Infrastructure Faces 'Acute' Foreign Threats - 8 hours ago
Critical Microsoft Bing Vulnerability Let Attackers Execute Code Remotely - 9 hours ago
Hackers Weaponize Jarsigner App To Execute XLoader Malware - 9 hours ago
New Snake Keylogger Attacking Chrome, Edge, and Firefox Users - 10 hours ago
Insight Partners, VC Giant, Falls to Social Engineering - 11 hours ago
Russian Groups Target Signal Messenger in Spy Campaign - 12 hours ago
CVE-2023-51303 - 13 hours ago
CVE-2025-25196 - 13 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Fedora Linux Kernel Vulnerability Let Attackers Gain Access to Sensitive Data - 19 minutes ago
Multiple NVIDIA CUDA Toolkit Vulnerabilities Let Attackers Trigger DoS - 34 minutes ago
APT-C-28 Group Launched New Cyber Attack With Fileless RokRat Malware - 1 hour ago
Microsoft Power Pages 0-Day Vulnerability Exploited in the Wild - 1 hour ago
Microsoft Admin Guide to Block & Remove Apps on Endpoints - 1 hour ago
AWS Key Hunter - A Free Automated Tool to Detect Exposed AWS keys - 1 hour ago
Symantec Diagnostic Tool Vulnerability Let Attackers Escalate Privileges - 2 hours ago
NSA Added New Features to Supercharge Ghidra 11.3 - 2 hours ago
New NailaoLocker ransomware used against EU healthcare orgs - 2 hours ago
Ghost Ransomware Compromised Organisations Across 70+ Countries - 2 hours ago
Content Credentials Show Promise, But Ecosystem Still Young - 14 hours ago
Windows Disk Cleanup Tool Vulnerability Exploited to Gain SYSTEM Privileges - 6 hours ago
Citrix NetScaler Vulnerability Allows Unauthorized Command Execution - 8 hours ago
Australian Infrastructure Faces 'Acute' Foreign Threats - 8 hours ago
Critical Microsoft Bing Vulnerability Let Attackers Execute Code Remotely - 9 hours ago
Hackers Weaponize Jarsigner App To Execute XLoader Malware - 9 hours ago
New Snake Keylogger Attacking Chrome, Edge, and Firefox Users - 10 hours ago
CVE-2025-26466 - 2 days ago
CVE-2024-45775 - 1 day ago
CVE-2024-45776 - 1 day ago