Major cybersecurity breach hits over 690,000 clients at American financial technology company
A US-based fintech firm, FinWise, has experienced a significant data security incident on May 31, 2024. Approximately 689,000 individuals have been impacted by the breach, with data including customer information such as full names and undisclosed "data elements" exposed.
The incident involved a former employee of FinWise accessing sensitive data after the end of their employment. This unfortunate event serves as a stark reminder of the rising threats of insider attacks, a trend that security experts have been warning about for years.
In fact, the Arctic Wolf's 2024 State of Cybersecurity report indicates that 61% of organisations identified insider threats over a year, with 29% resulting in breaches. Similar research from Verizon found that 34% of reported breaches came as a result of an insider.
Not all insider threats are intentional; haphazard cyber hygiene practices by individual employees can lead to disasters for enterprises. In this case, it's unclear whether the former FinWise employee acted intentionally or unintentionally, but the incident underscores the need for improved offboarding practices.
Offboarding should not be an afterthought, according to CyberArk's senior manager, Josh Kirkwood. The offboarding process has been identified as a weak spot for many organisations, and a shift in approach is needed.
FinWise has taken "many precautions" to safeguard customer data following the incident. The company has launched a formal investigation into the matter and is offering free credit monitoring and identity theft protection services to those affected.
It's worth noting that this isn't the first instance of an insider attack. Earlier this year, a software developer named Davis Lu was convicted for deploying a "kill switch" to sabotage Eaton Corp's networks.
Security experts have called for better offboarding practices at enterprises to prevent workers from turning on their employer once they've left. Moreover, hackers have been abusing ConnectWise ScreenConnect, posing a potential security risk.
In the wake of the FinWise data breach, it's crucial for businesses to reevaluate their offboarding processes and invest in cybersecurity measures to protect their sensitive data and maintain the trust of their customers.
Read also:
- Exploring Harry Potter's Lineage: Decoding the Enigma of His Half-Blood Ancestry
- Elon Musk Acquires 26,400 Megawatt Gas Turbines for Powering His AI Project, Overlooks Necessary Permits for Operation!
- U Power's strategic collaborator UNEX EV has inked a Letter of Intent with Didi Mobility to deploy UOTTA(TM) battery-swapping electric vehicles in Mexico.
- Global Gaming Company, LINEUP Games, Moves Into Extensive Global Web3 Multi-Platform Gaming Network
