2 min read

Revolut Hacked! Phishers Gain Internal Access and Compromise 50,000+ Accounts

Filip TRUȚĂ

September 20, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Revolut Hacked! Phishers Gain Internal Access and Compromise 50,000+ Accounts

Fin-tech giant Revolut has suffered a serious breach, with unknown hackers compromising more than 50,000 customer accounts.

The breach occurred on Sunday, Sept. 11, with Revolut moving quickly to mitigate the impact. While the attack was stifled by the following day, hackers had already managed to compromise 50,150 accounts, or 0.16% of the current install base.

A scary notice

Affected customers took to the web to share the unsettling letter sent to them by the company, with Revolut saying the attack was highly targeted and that those receiving the notice are now at “increased risk of fraud.”

“We recently received a highly targeted cyber attack from an unauthorized third party that may have gained access to some of your information for a short period of time,” the company tells those impacted by the breach. “You do not need to take any action, however we wanted to let you know, and sincerely apologize for this incident.”

All signs point to a phishing attack targeting Revolut employees to obtain access to the company’s infrastructure.

Hackers steal phone numbers, addresses, full names

Revolut’s letter to affected clients says “we want to reassure you that your data is now safe. But according to the State Data Protection Inspectorate in Lithuania, where Revolut is licensed to operate as a bank, hackers likely got their hands on email addresses, full names, postal addresses, phone numbers, limited payment card data, and various types of data related to the users’ accounts, meaning those affected are indeed at increased risk of fraud and phishing attacks.

“We emphasize that no access was made to the theft of funds,” Revolut adds. “Your money is safe, as always. You can use your card and account normally.”

Revolut recommends that, while users’ money should be safe, they should be “especially vigilant for any suspicious activity, including suspicious emails, phone calls or messages.”

“This was an isolated incident and the security of our customers' accounts remains our top priority,” the letter states.

Watch out for ongoing phishing attacks, fraud

A smishing campaign is said to be underway targeting Revolut customers, likely in an effort to capitalize on the scare.

And according to this Reddit thread, the hack ‘coincided’ with an inside job where a rogue employee tampered with the company’s customer support chat. It wouldn’t be out of the question for the two incidents to be, in fact, correlated.

The fin-tech giant apologetically tells impacted clients that it won’t be able to answer all of their questions as investigations are still ongoing, only promising to “be in touch shortly with further information if needed.”

Revolut maintains that no card details, PINs or passwords were accessed as a result of this incident.

Find out if your data was exposed in a breach

Bitdefender Digital Identity Protection is a privacy-focused service that automatically searches for leaked personal data online (including on the dark web), and sends real-time alerts if your private information has been exposed.

And if you're in fraudsters' crosshairs, Bitdefender Identity Theft Protection offers real-time data breach monitoring and fraud monitoring, among other perks, to combat identity theft.

Read more about our identity protection and privacy solutions here.

tags


Author



Right now

Top posts

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Matrix Releases Updates to Patch Critical End-to-end Encryption Vulnerabilities Matrix Releases Updates to Patch Critical End-to-end Encryption Vulnerabilities
Vlad CONSTANTINESCU

September 30, 2022

2 min read
US Taxpayers Urged to Stay Vigilant as Major IRS-Themed Smishing Campaign Unfolds US Taxpayers Urged to Stay Vigilant as Major IRS-Themed Smishing Campaign Unfolds
Filip TRUȚĂ

September 29, 2022

1 min read
Auth0 Discloses Security Incident, Says Source Code Repos Were Likely Stolen Auth0 Discloses Security Incident, Says Source Code Repos Were Likely Stolen
Vlad CONSTANTINESCU

September 29, 2022

1 min read