Category: Revolut

Revolut, a financial firm that is governed by Bank of Lithuania within European Union has apparently lost £20m to the act of cyber criminals who smartly drained the funds from the London based financial service provider.

Well, the siphoning of funds was done in long term with criminals taking an advantage of the flaw in the Revolut payment systems to slowly drain money for months in the year 2021. Only to be identified by a US based partner of the bank that then corrected it by Spring 2022. But most of the damage was done by then.

The faulty system led to Revolut’s central payment system to refund its own funds that might eat away its March’23 profits easily by this year end.

According to the analysis conducted by a team of experts from the Global Neobank, it was all the work of an organized criminal gang that exploited a vulnerability in the gateway and encouraged its hired criminals to make expensive purchases that later were declined only to make them eligible to swipe-out refunds from ATMs.

NOTE- Founded in 2015, the company is into currency exchange and trading, debit cards services, virtual card payment services, Apple Pay, wallets that pay interest to customers, stock trading and crypto related merchandise and is also into the service offering financial technologies such transaction machines. Remember, Revolut is not a recognized bank in UK and so isn’t eligible for Financial Services Compensation Scheme.

The post UK Finance company loses £20m to Cyber Criminals appeared first on Cybersecurity Insiders.

Revolut that offers payment processing technology was targeted by a phishing attack recently, leading to data breach of thousands of customers from Lithuania and Europe. The company issued a press statement that only 0.3% of its customers became targets to the sophisticated attack that took place on its servers on Sept 10th of this year.

Estimates are in that about 32,000 customers might have become targets to the digital attacks that lead to their information steal.

Confirmed sources suggest the data breach occurred from a phishing attack that could have taken place in August this year.

Coming to the attack that took place on American Airlines, an official statement from the airliner says that a sophisticated digital attack resulted in the leak of details such as customer info, birthday info, mailing and email addresses, medical data, phone and driving licenses.

But the good news is that the attack and data breach took place in June 2022 and there is no evidence of misuse of stolen information till date.

Previously, a similar data leak took place on the servers of American Airlines in March 2021 and the business is apparently facing a lawsuit from a high-profile customer.

NOTE- Phishing is a kind of cyber attack where hackers try fraudulent communication methods such as SMS and emails to retrieve personal information from employees like login credentials and then use the stolen data to conduct identity theft. Using a multi-layer protection, and creating awareness among employees to never click on email and sms links sent by unknown senders is the only option to curtail such issues.

 

The post Phishing attacks on Revolut and American Airlines leads to data breached appeared first on Cybersecurity Insiders.