Revolut Breach: Company Confirms Over 50,000 Affected Customers

The breach that happened to financial technology company Revolut last week may have exposed over 50,000 customers of the digital bank. The Lithuanian State Data Protection Inspectorate said on 16th September that it got a notification from Revolut concerning the breach of personal data security. The State data protection agency summarized that the criminal gained access to its database by phishing. It mentioned that preliminary data showed that the database was obtained through the use of “social engineering methods.”

Specifically, the attack affected the data of 50,150 customers around the world. The figure includes 20,687 in the European Economic Area. Now, the names, addresses, emails, postal addresses, account data, and other sensitive information of the customers are exposed. The State Data Protection Inspectorate stated there are 379 potentially affected users in Lithuania.

Revolut mentioned that the breach affected 0.16% of its over 20 million customers. Apart from its extensive customer base, the company also offers exposure to about 80 crypto assets. A spokesperson wrote that the team “immediately identified and isolated the attack to effectively limit its impact and have contacted those customers affected.” It assured that customers who have not received emails had not been impacted.

Revolut Communicates with Victims after Breach

Revolut is communicating with specific customers who are victims of the attack as it launched an investigation into the breach. The fintech company emphasized that it will not call or send messages to users asking for login details or access codes while addressing the matters. Hence, all are expected to be alert and watch out for suspicious calls or SMS messages.

The State agency educated residents on personal data security, emphasizing the need to be alert and attentive in cyberspace. With the alarming rise in cyber attacks, everyone needs to take preventive measures not to fall victim to the alarming increasing cybercrime. The attackers are constantly looking for ways to extract sensitive information through phishing. The State Data Protection Inspectorate continued:

“Be critical about who you share your personal data with. Banks and other legitimate organizations or institutions usually do not ask for login data and personal information by e-mail. By letters, phone or social networks. Be careful with all e-mails. letters or SMS messages asking for any personal information, and in case of suspicion, try to contact the official contact phone number for that organization and ask what your personal data will be used for.”

Furthermore, the government agency urges residents to be careful with links received via emails or text messages.

Revolut secured $800 million in fresh capital last year, after which the startup was valued at over $33 billion. The Series E funding was co-led by Softbank Vision Fund 2 and Tiger Global.