Nearly 700,000 customers impacted after insider attack at US fintech firm
Details on how the insider attack unfolded aren't clear, but FinWise has taken action to prevent future incidents
A US-based fintech firm has warned customers their data may have been exposed following an insider attack.
FinWise, which provides loans on behalf of US financial services firms, revealed a former employee accessed sensitive customer information after leaving the firm.
According to filings with the Maine Attorney General's Office, those impacted in the breach included customers of American First Finance (AFF).
“On May 31, 2024, FinWise experienced a data security incident involving a former employee who accessed FinWise data after the end of their employment,” a customer notification letter reads.
“Some of the data impacted includes American First Finance’s (“AFF’s”) data,” it added. “FinWise contracts with AFF to offer installment loans to consumers. In this arrangement, FinWise is the lender and AFF is the technology provider”.
All told, 689,000 individuals have been impacted by the breach. Data exposed included customer information such as full names and undisclosed “data elements”, according to the firm.
FinWise did not reveal how the former employee gained access to this data and has launched a formal investigation into the matter.
“Upon learning of the incident, FinWise immediately launched an investigation in consultation with outside cybersecurity professionals who regularly investigate and analyze these types of situations to help determine whether any sensitive data has been accessed,” the FinWise filing reads.
In the wake of the incident, FinWise has taken “many precautions” to safeguard customer data. The fintech firm is also free credit monitoring for those affected, along with identity theft protection services.
Insider attacks wreak havoc for enterprises
Security experts have issued repeated warnings over the threats posed by insider attacks in recent years, with research showing these types of incidents have increased significantly.
Arctic Wolf’s 2024 State of Cybersecurity report showed that 61% of organizations had identified insider threats over the course of a year, with 29% of those resulting in breaches.
Similar research from Verizon also found 34% of reported breaches came as a result of an insider.
As ITPro has previously reported, not all insider threats are intentional. In many cases, haphazard cyber hygiene practices by individual employees can result in disaster for enterprises.
Several recent incidents involved disgruntled former employees seeking to wreak havoc after being dismissed or laid off. Earlier this year, a software developer in the US was convicted after deploying a “kill switch” to sabotage his former employer’s networks.
Davis Lu caused widespread disruption at his former employer, Eaton Corp, and was found guilty of “causing intentional damage to protected computers”.
Security experts recently called for better “offboarding” practices at enterprises to prevent workers from turning on their employer once they’ve left.
Josh Kirkwood, senior manager for CyberArk’s field technology office, told ITPro this has become a common recurring issue for many companies.
“The offboarding process has long been a weak spot for many organizations. It’s clear that a shift is needed. Offboarding should not just be an afterthought,” he said.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
- FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries
- Hackers are abusing ConnectWise ScreenConnect, again
- Salesloft Drift hackers had access to company GitHub account for months before attacks
-
Low-budget devices are the biggest casualty of the RAM crisisNews Say goodbye to budget devices; vendors are doubling down on high-end options to absorb costs
-
Sectigo taps Clint Maddox to lead global field operationsReviews The appointment follows a year of strong momentum for the security vendor as it expands its global channel footprint
-
Using AI to generate passwords is a terrible idea, experts warnNews Researchers have warned the use of AI-generated passwords puts users and businesses at risk
-
Researchers called on LastPass, Dashlane, and Bitwarden to up defenses after severe flaws put 60 million users at risk – here’s how each company respondedNews Analysts at ETH Zurich called for cryptographic standard improvements after a host of password managers were found lacking
-
‘They are able to move fast now’: AI is expanding attack surfaces – and hackers are looking to reap the same rewards as enterprises with the technologyNews Potent new malware strains, faster attack times, and the rise of shadow AI are causing havoc
-
Ransomware gangs are using employee monitoring software as a springboard for cyber attacksNews Two attempted attacks aimed to exploit Net Monitor for Employees Professional and SimpleHelp
-
Notepad++ hackers remained undetected and pushed malicious updates for six months – here’s who’s responsible, how they did it, and how to check if you’ve been affectedNews Hackers remained undetected for months and distributed malicious updates to Notepad++ users after breaching the text editor software – here's how to check if you've been affected.
-
CISA’s interim chief uploaded sensitive documents to a public version of ChatGPT – security experts explain why you should never do thatNews The incident at CISA raises yet more concerns about the rise of ‘shadow AI’ and data protection risks
-
Former Google engineer convicted of economic espionage after stealing thousands of secret AI, supercomputing documentsNews Linwei Ding told Chinese investors he could build a world-class supercomputer
-
90% of companies are woefully unprepared for quantum security threats – analysts say they need to get a move onNews Quantum security threats are coming, but a Bain & Company survey shows systems aren't yet in place to prevent widespread chaos
