"Finastra Starts Notifying People Impacted by Recent Data Breach"

British fintech giant Finastra has recently started sending written notifications to individuals whose personal information was stolen in a data breach.  The incident came to light in mid-November 2024 after a threat actor offered data on an underground forum allegedly stolen from the company’s systems.  The hacker claimed the theft of 400 gigabytes of data.  After an investigation, Finastra revealed that, between October 31, 2024, and November 8, 2024, a threat actor accessed an internal secure file transfer platform multiple times and that they exfiltrated certain files from the platform.  The stolen files, the company says, included personal information such as names and financial account information.  Finastra is providing impacted individuals with two years of free identity protection and credit monitoring services.  The company did not disclose how many individuals might have been affected or share other details on the cyberattack.  The fact that the threat actor’s post on the underground forum was deleted relatively quickly may suggest that the company engaged in negotiations with the intruder and paid to have the stolen information deleted.

SecurityWeek reports: "Finastra Starts Notifying People Impacted by Recent Data Breach"