Finastra, a leading global financial technology firm, is investigating a significant data breach involving its internal file transfer platform. The London-based company, which serves 45 of the world’s top 50 banks, alerted customers to the breach after a cybercriminal began offering more than 400GB of purportedly stolen data for sale on the dark web.
The breach was detected on November 7, 2024, when Finastra’s security team identified unusual activity within its system. A day later, the company notified its customers, confirming that an unknown threat actor had exfiltrated data from the platform. While the precise scope of the stolen information remains unclear, Finastra assured clients that customer operations, systems, and its ability to deliver services were unaffected.
The cybercriminal, using the alias “abyss0,” initially attempted to sell the stolen data on October 31, naming Finastra’s banking clients in a subsequent BreachForums post on November 8. Although abyss0’s sales threads and associated Telegram account have since disappeared, screenshots from the cyber intelligence platform Ke-la.com suggest the stolen data was priced between $10,000 and $20,000.
Finastra stated that initial evidence points to compromised credentials as the likely entry point for the breach. The company has since deployed an alternative secure file-sharing platform and continues to work closely with affected customers, sharing Indicators of Compromise (IOCs) and conducting an extensive eDiscovery process to assess the impacted systems.
“Our focus remains on transparency and accuracy as we investigate the scope of the exfiltrated data,” Finastra noted in a statement. “We are committed to supporting any affected customers directly.”
The incident comes as a reminder of Finastra’s previous security challenges, including a ransomware attack in March 2020 that temporarily disrupted its operations. This story is ongoing, and updates will follow as new information becomes available.
To delve deeper into this topic, please read the full article Krebsonsecurity.
