Revolut notified the cyber attack to the Lithuanian State Data Protection Inspectorate, saying that access to its database was obtained through social engineering methods. The hackers who infiltrated the firm’s systems lat last Sunday were identified and locked out by Monday 2am, dramatically limiting its impact, according to Finextra.
All the same, the data of about 50,150 customers worldwide (20,687 of them in European Economic Area), such as names, addresses, e-mail addresses, telephone numbers, part of the payment card data and account details were ripped from its servers.
In a letter to customers affected by the hack that was posted on Reddit, Revolut states: „We recently received a highly targeted cyber attack from an unauthorised third party that may have gained access to some of your information for a short period of time. You do not need to take any action, however we wanted to let you know, and sincerely apologise for this incident.”
Revolut states that all card data was hashed and that no PINs or passwords were accessed.
„Dupa ce oamenii creeaza un cont PayByFace si au adaugat cardul, selfi-ul si PIN-ul, si au avut un pic de curaj sa se duca sa incerce, daca au incercat o data plata prin recunoastere faciala nu mai folosesc altceva (n.r. ca modalitate de plata). 80% dintre ei numai asta folosesc. Le place la nebunie.”
Afla aici rezultatele in adoptia platii prin recunoastere faciala.