The report from the State Data Protection Inspectorate confirms that the Revolut data breach may have impacted 50,000 of its customers.
Revolut had recently encountered a malicious cyber attack that resulted in jeopardizing the company’s database temporarily.
Leading fintech startup Revolut recently fell prey to a malicious cyber attack that ended up exposing the personal data of thousands of its customers.
Revolut Data Breach: What Happened?
Digital bank Revolut was recently targeted by malicious hackers in a planned cyber attack that ended up exposing the data of thousands of its customers.
On September 10, Revolut encountered a malicious access attempt, a dubious third-party login that intended to access the Revolut database. However, the hacker could not succeed in taking full control of Revolut’s database but was able to access a small percentage of its customer data.
“We immediately identified and isolated the attack to effectively limit its impact and have contacted those customers affected,” Bodansky said. “Customers who have not received an email have not been impacted.” Revolut’s spokesperson, Michael Bodansky told Techcrunch
Revolut later informed the State Data Protection Inspectorate to investigate the unlawful data breach event and find potential causes that may have contributed to the data breach.
However, the latest findings revealed by the inspectorate confirm that Revolut’s database was accessed through the use of social engineering methods.
In simpler terms, a social engineering method refers to a type of hacking tactic which includes coaxing an employee of the institution to hand over sensitive information such as login and access details, etc.
Furthermore, the report confirms that the incident ended up exposing the personal data of nearly 50,150 Revolut customers, including 20,687 in the European Economic Area and 379 in Lithuania.
Moreover, the data breach resulted in exposing critical personal data of customers, which includes users’ postal addresses, email addresses, and telephone numbers, as well as part of payment card and account data.
“According to the provided revised information, the data of 50,150 customers around the world (including 20,687 in the European Economic Area), such as names, addresses, and e-mails, may have been affected during the incident. Postal addresses, telephone numbers, part of the payment card data (according to the information provided by the company, the card numbers were masked), account data, etc.” The report later adds
Revolut is yet to share details on what type of data was exposed to hackers; however, the company’s Reddit post confirms that the customers’ card details, pins, and passwords were not exposed to hackers.
The post also outlines that the data breach was different for each customer, and Revolut will contact them individually if the need arises.
Headquartered in London, United Kingdom, Revolut is a leading financial technology company that offers diverse banking services to its customers. The banking institution also offers a set of planned crypto-related services to its users, alongside offering other services such as currency exchange, debit cards, virtual cards, Apple Pay, interest-bearing “vaults”, commission-free stock trading, crypto, and commodities.