On March 20, 2020, Finastra, a financial services software provider, announced that a “bad-actor” was attempting to introduce malware into their network in what was described as a “common ransomware attack.”
Finastra is a company spanning retail banking, transaction banking, lending, and treasury and capital markets. Finastra claims a global footprint and the widest set of financial software solutions available. Finastra has reported over $1.9 billion in revenues, 10,000 employees and over 9,000 customers, including 90 of the top 100 banks globally.
Finastra said that its own monitoring systems detected the attack and as part of the company’s response it pulled the plug on some servers taking them offline.
Last night, Finastra posted the following update:
Following Friday’s incident, Finastra’s teams have been working tirelessly to bring our systems back online. We’ve made significant progress and are now able to bring back online the servers which we voluntarily took offline whilst we neutralized the threat. We are working with our impacted customers systematically and securely to return to normal operations.
Because our solutions each have their own nuanced processes to move from being available to operationally live, each of our products will be back once readiness steps are completed.
We would like to reassure our stakeholders that, to the best of our knowledge, we do not believe that any customer or employee data was accessed or exfiltrated, nor do we believe our clients’ networks were impacted.
Thank you for your patience and understanding as we restore our systems. We will provide further information as soon as it is available.
Finastra earlier stated that they have an industry-standard security program in place, and they are in the process of conducting a rigorous review of their systems to ensure that customer and employee data continues to be safe and secure.
Finastra is also working with the “relevant authorities” or law enforcement to identify the perpetrators of the attack.
While it appears that Finastra has effectively countered the digital assault the experience highlights the changing world of digital financial services and the need for effective cybersecurity protocols as well as enforcement agencies that can quickly identify cybercriminals.