Revolut customer data exposed in cyberattack

Fintech firm Revolut has been hit by a cyberattack that resulted in personal data of tens of thousands of users being exposed.

Described as a "highly targeted" attack -- although it is not clear who was targeted or why -- the security incident took place on the night of September 11. The attack gave an unauthorized third-party access to a range of data including postal and email addresses, account information, and phone numbers.

See also:

• Massive GTA VI video leak reveals the secrets of Rockstar Games' upcoming release
• Chrome and Microsoft Edge's enhanced spellcheckers can leak your passwords and personal data
• LastPass reveals details of August hack that gave threat actor access to its development environment for four days

Details of the attack were revealed by the Lithuanian data protection agency, Valstybinė Duomenų Apsaugos Inspekcija (VDAI). The attacker is thought to have gained access to a Revolut database using social engineering techniques; the data of just over 50,000 customers was accessible, and these individuals have been contacted to inform them of the incident.

Revolut is keen to stress that customers who have not heard from the company have nothing to worry about. In a statement, the firm said:

We immediately identified and isolated the attack to effectively limit its impact and have contacted those customers affected. Customers who have not received an email have not been impacted.

An investigation into the incident is currently underway, and Revolut is warning its customers to be on the lookout for phishing attacks.