The personal details of thousands of customers were exposed after digital challenger bank Revolut was hit by a “highly targeted cyber attack”.
The App based bankingLaunched in the UK in 2015, it admitted that a third party had accessed the personal details of 0.16% of its 20 million customers, but said “no funds were accessed or stolen”..
A Revolut spokesperson said the company “immediately identified and isolated the attack and contacted affected customers to effectively limit its impact”. It added that customers who did not receive an email were “not affected”.
“We take incidents like this incredibly seriously, and we sincerely apologize to any customers affected by these incidents, as the security of our customers and their data is our highest priority at Revolut,” the spokesperson said.
in a Email to affected customersRevolut wrote: “As you were part of a very small percentage of affected customers, we want to reassure you that your data is now safe, and we understand that you may have questions about this incident.
“Your money is always safe,” it said. “You can use your card and account normally.”
However, it added that there may be a greater risk of fraud for affected customers. “As a precaution, we have created a dedicated team to monitor your account and keep your money and account safe,” Revolut said. “We recommend that you be especially alert for any suspicious activity, including suspicious emails, phone calls or messages.”
Derrick Mitchelson, field chief information security officer at security software company Check Point, said the attack on Revolut appeared to be the result of social engineering. “These types of phishing attacks can be very persuasive and appear real, giving them a high chance of success,” he said.
“Now that they have access to this data, we will likely see an increase in phishing or prank attempts asking people to reset passwords or account details,” Mitchelson added. “Any Revolut customers should be on high alert for unofficial emails or messages that contain malicious links.”
He said the finance and banking sector had always been a hot target for hackers, with Check Point data showing an average of 849 cyber attacks per week over the past six months.