- The LG soundbar I prefer for my home theater slaps with immersive audio - and it's not the newest model
- Samsung's new flagship laptop rivals the MacBook Pro, and it's not just because of the display
- Email marketing is back and big social is panicking - everything you need to know
- Revisiting Docker Hub Policies: Prioritizing Developer Experience | Docker
- The most critical job skill you need to thrive in the AI revolution
Finastra Notifies Customers of Data Breach
British financial technology firm Finastra has notified customers impacted by a data breach that occurred over three months ago.
Between October 31 and November 8 2024, an unauthorized third party accessed the company’s secure file transfer platform (SFTP), used to share files with customers. Although the breach was detected on November 7, and the company acknowledged it shortly after, Finastra only began reaching out to affected individuals on February 12 2025.
The compromised platform allowed the threat actor to exfiltrate files containing sensitive customer information, including names and financial account details.
While the exact number of individuals affected remains undisclosed, filings with the Massachusetts Attorney General reveal that at least 65 residents in the state were impacted.
Finastra’s delay in notifying affected customers has raised questions, particularly as data breaches can leave individuals vulnerable to fraud and identity theft.
The company has stated that there is no indication the stolen data was further copied, retained or shared. “We believe the risk to individuals whose personal data was involved is low,” Finastra wrote in its notification letters.
However, the breach aligns with a now-deleted underground forum post from November 2024, where a hacker claimed to be selling 400GB of data allegedly taken from Finastra’s systems.
In response to the breach, Finastra is offering two years of free identity protection and credit monitoring through Experian to impacted customers.
The company emphasized that the breach was contained to the SFTP platform, with no evidence of lateral movement or malware deployment within its broader IT network.
Finastra, headquartered in London, provides financial software to over 8100 institutions across 130 countries, including 45 of the world’s top 50 banks.
Infosecurity has contacted the company for additional clarifications. We will update this article as soon as we receive a response.
Image credit: LCV / Shutterstock.com
