Finastra Investigates Data Breach After Hacker Claims Access to 400GB of Client Files

Finastra, a financial software company based in London, is currently looking into a data breach. This comes after a hacker claimed that they compromised the company’s internal file-transfer platform.

In a statement to TechCrunch, spokesperson Sofia Romano confirmed that suspicious activity was detected on their Secure File Transfer Platform (SFTP) on November 7.

The news of the breach was first reported by cybersecurity journalist Brian Krebs. A hacker on a well-known cybercrime forum claimed to be selling stolen files from Finastra’s largest banking clients. In a now-deleted post, they stated they had 400 gigabytes of data, including client files and internal documents.

Finastra shared an incident disclosure with its customers, which Krebs obtained. They confirmed that data was exfiltrated from their systems. Romano mentioned that the company first informed customers about the incident on November 8 and has been keeping them updated on what they know.

While Finastra did not specify which file-transfer platform was compromised, the hacker claimed the stolen data came from IBM Aspera. This software helps organizations transfer large files and datasets over the internet.

When asked, Finastra did not disclose how many customers were affected or what types of data were accessed.

Romano stated, “We are analyzing affected data to determine which specific customers were impacted. We’re also assessing which of our products are not dependent on the compromised SFTP platform.” She added, “The affected SFTP platform is not used by all customers, so we’re working quickly to identify those who are not affected.”

Finastra is still investigating the root cause of the breach. Initial evidence suggests that credentials were compromised, which indicates a potential theft of usernames and passwords. It’s unclear if the system had multi-factor authentication, which can help prevent such attacks.