Fintech Security

Revolut data breach: 50,000+ users affected

Revolut, the fintech company behind the popular banking app of the same name, has suffered a data breach, which has been followed by phishing attacks aimed at taking advantage of the situation.

About the Revolut data breach

Revolut customers began noticing something was wrong on September 11, when some of them reported receiving “inappropriate wording via chat.”

A few days later, some users received an alert via email saying their account was affected following a cyberattack.

“We recently received a highly targeted cyber attack from an unauthorized third party that may have gained access to some of your information for a short period of time,” the alert said.

The attackers did not manage to access funds, credit card details, PINs or passwords, Revolut noted, but they had access to affected users’ personal data.

Revolut operates as a registered bank in Lithuania, and Lithuania’s State Data Protection Inspectorate revealed on Tuesday that Revolut Bank suffered a data breach, that access to the database was obtained via social engineering methods, and that the data of 50,150 customers worldwide (20,687 of them in the European Economic Area) has potentially been compromised.

This data includes names, addresses, email addresses, telephone numbers, part of the payment card data (part of it was “masked”), and account details.

Revolut users targeted by phishing via SMS

In its data breach notice to affected users, Revolut warned them to “be especially vigilant for any suspicious activity, including suspicious emails, phone calls or messages,” and said that it would not call or text them regarding this incident.

“Be extremely wary of any attempt to contact you. We will never ask you for your details or passwords,” the company emphasized.

A few days later, customers started receiving SMS phishing (smishing) messages, though they do not appear to be aimed just at those affected by this breach.

The phishing page to which the link points is still up. Users who follow the link are first faced with a security challenge asking them to confirm they are not a robot, then are asked to solve a visual CAPTCHA, and finally are taken through a set of well-crafted pages asking them to log into Revolut by entering their phone number, passcode, full name, email address, date of birth, and the info related to the debit card attached to their account.

According to Report Smishing, a smishing research project run by Sharad Agarwal, a Ph.D. student at University College London, the same IP address hosted another Revolut-themed smishing URL a month ago.
