Finastra, a fintech firm serving over 8,000 financial institutions, has provided additional details on its investigation following a recent data breach. The breach involved the theft of over 400 gigabytes of data from the company’s internal file transfer platform.
Cyberjournalist Brian Krebs reported that a cybercriminal attempted to sell the stolen data, linked to Finastra’s banking clients, on an online forum. The first offer appeared on October 31, with a subsequent post three days later at a reduced price. On November 7, Finastra detected suspicious activity suggesting an attempt to steal even more data.
Finastra officially notified its customers on November 8, outlining the breach and the ongoing investigation. In their communication, the company assured clients that no other files had been accessed and that customer data remained untampered. They are currently working to identify affected clients while continuing normal operations and communication.
A spokesperson for Finastra confirmed that they have been in continuous contact with customers since November 8, sharing updates on the investigation and informing employees and regulators about the breach. The company has also provided Indicators of Compromise (IOCs) to help customers’ security teams during the investigation.
Finastra emphasized the importance of maintaining communication with customers during this process. “Providing accurate information after the initial response is vital for reassuring customers. In the early stages of an investigation, our knowledge may be limited, and it’s essential to balance transparency with accuracy. Our top priority remains securing the environment and outlining the actions we have taken to empower customers to take appropriate steps.”
As part of their remediation efforts, Finastra is collaborating with third-party experts to assess and enhance their cybersecurity measures. The company recognizes the importance of maintaining customer trust and security and is dedicated to protecting customer data.