Financial giant Finastra warns customers about possible data breaches
- A threat actor is offering a large database for sale, claiming it comes from Finastra
- Financial giant sends data breach notification letter to affected customers, claiming its secure file transfer service has been compromised
- The attacker used stolen login credentials to commit the robbery
Fintech software company Finastra is warning its customers that a recent data breach may have caused it to lose data recently.
Security researcher Brian Krebs has obtained a copy of the letter sent to affected individuals, which states that the breach was not the result of an exploited vulnerability, but rather stolen credentials.
“The threat actor did not deploy malware or tamper with customer files in the environment,” the statement reads. “Additionally, no files other than the exfiltrated files were viewed or opened.”
400 GB – zipped
The company said BleepingComputer the attack took place on its Secure File Transfer Platform (SFTP): “On November 7, 2024, Finastra’s Security Operations Center (SOC) discovered suspicious activity related to an internally hosted Secure File Transfer Platform (SFTP) that we use to transfer files to certain customers send,” Finastra told the publication.
“We immediately launched an investigation together with a third-party cybersecurity firm and, as a precaution, isolated and contained the platform. This incident was confined to that one platform and there was no lateral movement beyond that.”
The same source also claims that the platform was not the company’s default and was not used by all customers, indicating that not everyone’s data was compromised.
At the same time, a threat actor with the alias ‘abyss0’ offered for sale a large archive claiming to be from Finastra.
“Today we are offering for sale the Finastra.com data breach, dated November 2024,” the message reads. “A total of 400 GB ~ compressed.”
“This data comes from their ESB and exfil through IBM Aspera, not just things we thought were important. There are many files and different file formats.”
Finastra is a financial software company with more than 8,000 client institutions – its customers include most of the world’s top banks and credit unions, and it employs tens of thousands of employees.
Via BleepingComputer