One of the world’s largest fintechs, Finastra, recently experienced a major data breach. Since Finastra’s solutions are used across large banking service providers, many financial services firms may face user privacy and security challenges as a result.
According to multiple reports, hackers were able to gain unauthorized access to its system and allegedly steal 400GB of highly sensitive data.
Since Finastra works with around 8,600 financial institutions internationally, including some of the largest global banking institutions, there’s a fair chance this breach impacts Canadian financial institutions, according to an update shared by the National Crowdfunding and Fintech Association (NFCA).
Finastra has 12,000 staff members and reported revenue of $1.7 billion just this past year.
As widely reported, the hackers were able to gain access to Finastra’s Secure File Transfer Platform (SFTP), allegedly by using compromised credentials that were most likely stolen via infostealer malware.
The lack of multi-factor authentication (MFA) appears to have been a major security flaw, and could have made it a lot easier for the bad actors to gain access.
Once inside, they moved quickly to obtain a huge amount of sensitive data, which appeared for sale on darknet forums after the incident.
Although no complete list of what was stolen is available, industry professionals believe that highly sensitive data has been compromised and is now in the possession of malicious actors.
Some data that could have been compromised:
- Bank-to-bank agreements and contracts
- Sensitive operational information such as compliance reports and settlement data
- Customer information including names, addresses, and account details
According to the update from the NFCA, Finastra has strong ties to Canada, so sensitive consumer data has most likely been leaked, and it is probably a fairly serious issue.
It’s worth noting that Finastra was established when UK-based Misys merged with D+H, a Canadian fintech firm. D+H had been considered to be the preferred tech provider for Canadian banking platforms, credit unions, as well as government programs.
Finastra provides various services to Canadian financial institutions, such as cheque processing, payment systems, mortgage tech, and student loans (which includes different programs with the Canadian government).
Finastra’s platforms are used for different financial processes, so if a Canadian bank is using the SFTP system for secure file transfers, then it is part of the breach (technically speaking, although this was not confirmed at the time of writing).
Canadian banks that operate globally might be sharing interconnected systems with other impacted customers.
The fallout of the incident might be that the compromised financial data is used in a variety of malicious ways.
Heavy penalties may be issued under Canada’s privacy laws, such as PIPEDA, if sensitive details have been exposed.
Canadian banks may also lose trust with their customers. A breach like this will most likely draw serious attention from regulators and other concerned industry participants.
At present, Finastra is working with cybersecurity professionals to determine what happened and possibly consider preventive and proactive measures.
The fintech is in the process of reviewing its authentication protocols and enhancing the security of its SFTP system.
It has reportedly informed the affected clients, including financial institutions, and is working closely with them to determine the extent of the exposure and what steps to take in this situation.
Finastra must give critical answers soon, including the complete extent of the security breach, which customers have been impacted, and how.
Simon Paris, CEO at Finastra, said:
“Our top priority is resolving this issue and ensuring the safety of our clients’ data.”
Finastra is presently conducting an investigation to understand the actual impact of the breach.