Revolut Fell For Social Engineering Attack, Data From 50K Users Exposed
As an affiliate, we may earn from qualifying purchases. We get commissions for purchases made through links on this website.
Receive $10 in Bitcoin when you buy or sell $100 or more on Coinbase! https://mathisenmarketing.com/coinbase
It was Revolut’s turn. Another day, another data breach in the crypto world. About a week ago, someone at the company’s headquarters got scammed. According to Revolut, the social hackers only had access to the data for a “short period of time”. And the breach only affected 0.16 percent of their customers. Not bad, right? Well, apparently the attackers got hold of 50,000 people’s data. And they are already trying to trick them. Additionally, they may have taken control of Revolut’s website.
But let’s start from the beginning. The company’s banking license is registered in Lithuania, so Revolut reported the case Lithuanian State Data Protection Authority. They reveal that the attack was done through social engineering. Revolut did not admit it. The Lithuanian Data Protection Agency also provides a packed summary of the case, which includes most of the facts:
“According to the verified information provided, the data of 50,150 customers around the world (including 20,687 in the European Economic Area) may have been affected by the incident, such as names, addresses, e-mails, postal addresses, telephone numbers, some payment card information (according to the information provided by the company, card numbers were masked), account information, etc. .
And to cover all the bases, here’s a definition of “social engineering.” For Investopedia:
“Social engineering is the act of exploiting human weaknesses to gain access to personal information and secure systems. Social engineering is based on manipulating individuals rather than hacking computer systems to gain access to a target’s account.”
What does Revolut grant?
The company described the incident as a “well-targeted cyber attack” in which an “unauthorized third party” gained access to a small portion of users’ personal data. In a split statement With the Bleeping ComputerRevolut continued:
“We immediately identified and isolated the attack to limit its impact and have contacted affected customers. Customers who did not receive the email have not been affected.
To be clear, the funds have not been tampered with or stolen. Our customers’ money is safe – as always. All customers can continue to use their cards and accounts normally.”
Not bad, right? Well, at least one customer who didn’t receive the email is reporting being contacted by scammers. “I haven’t received an email from you, but I’m getting a scam text message claiming to be from Revolut. How did they get my number and know I have a Revolut account?” JT tweeted a few days ago. He got a generic “Hey! Could you please contact our support team via in-app chat about this?” in response.
The company’s official statement ends with promises:
“We take incidents like this incredibly seriously and want to sincerely apologize to all customers affected by this incident, as the security of our customers and their data is our top priority at Revolut.”
Is there more to the story though?
ETH price chart for 09/23/2022 on FTX | Source: ETH/USD on TradingView.com
According to Bleeping Computer, there may have been more scams going on. Apparently Revolut users reported that the support chat was shows foul language close to the time of social manipulation. The publication clarifies:
“While it is not clear whether this corruption is related to the data breach disclosed by Revolut, it does indicate that the hackers may have had access to a wider range of systems used by the company.”
Did the hackers gain access to more data than allowed? Or was this an isolated incident and the whole thing just a coincidence? Can we believe the reports? A couple of pictures prove nothing and there are no dates on them. Why do hackers deface a website if they are looking for money? Then again, maybe they did. And those posts may mean they got more access than Revolut admitted.
Featured Image by Kris from Pixabay | Charts by TradingView