November 20, 2024 at 03:58PM
Finastra confirmed a cybersecurity incident involving compromised credentials on November 7, 2024, with a threat actor selling stolen data. An investigation shows no evidence of broader breaches beyond their Secure File Transfer Platform. The impact assessment is ongoing, and affected clients will be contacted directly. Finastra previously faced a ransomware attack in 2020.
### Meeting Notes Takeaways:
1. **Cybersecurity Incident Confirmation**: Finastra confirmed a cybersecurity incident affecting its Secure File Transfer Platform (SFTP) after stolen data was allegedly offered for sale online.
2. **Company Overview**:
– Finastra is a financial software firm serving over 8,000 institutions globally, including 45 of the top 50 banks.
– The company employs 12,000 people and reported $1.7 billion in revenue last year.
3. **Incident Details**:
– Date of incident: November 7, 2024.
– Compromised credentials allowed unauthorized access to the SFTP system.
– External cybersecurity experts are aiding the investigation, which has found no evidence of a breach extending beyond the SFTP platform.
4. **Investigation Findings**:
– Finastra maintains that the compromised platform was not the default for all customers and did not affect all users.
– The full impact and scope are still under investigation, and impacted individuals will be contacted directly.
5. **Threat Actor**:
– The breach is linked to a post by a hacker identified as “abyss0” who claimed to sell 400GB of Finastra’s data.
– The post has since been deleted, leaving uncertainties about whether the data was sold or removed due to publicity.
6. **Previous Incident**:
– In March 2020, Finastra experienced a significant ransomware attack, which led to service disruptions and highlighted issues in their vulnerability management strategy.
7. **Public Disclosures**: Due to the ongoing investigation, Finastra does not expect to make public disclosures regarding the breach’s specifics.
8. **Next Steps**: Updates and further assessments will be provided as the situation evolves and the investigation progresses.