Equilend warns employees their data was stolen by ransomware gang

16 tháng 3, 2024

New York-based securities lending platform EquiLend Holdings confirmed in data breach notification letters sent to employees that their data was stolen in a January ransomware attack.


The financial technology company told BleepingComputer on January 24 that it was forced to take some of its systems offline two days earlier, on January 22, to contain a breach.


While Equilend didn't immediately disclose the nature of the incident, LockBit ransomware claimed responsibility for the attack in a statement to Bloomberg.


Even though the fintech firm didn't confirm LockBit's claims, it revealed on February 2 via a dedicated page for sharing more information on the incident that the January breach resulted from a ransomware attack.


Days later, Equilend said that all client-facing services were back online and had yet to find evidence that "client transaction data was accessed or exfiltrated" during the cyberattack.


However, the company confirmed in breach notification letters recently delivered to Equilend employees that the unnamed attackers did steal their personally identifiable information (PII).


"We are writing to inform you of a recent data security incident that involved your EquiLend payroll and other human resources information, including your name, date of birth and Social Security number," the company said.


"At this time, we have no evidence from the investigation that any personal information has been used to commit identity theft or fraud."


Although no signs of fraudulent activity using the stolen info have been detected yet, Equilend is providing affected employees with two years of free identity theft protection services through Identity Theft Guard Solutions (IDX).


EquiLend was established in 2001 by a group of ten global banks and broker-dealers, which included Bank of America Merrill Lynch, BlackRock, Credit Suisse, Goldman Sachs, JP Morgan, Morgan Stanley, National Bank of Canada, Northern Trust, State Street, and UBS.



It now has over 330 employees and offices in North America, EMEA, and Asia-Pacific, while its services are used by more than 190 firms worldwide, including agency lending banks, hedge funds, and broker-dealers.


Securities finance marketplace participants also use Equilend's Next Generation Trading (NGT) multi-asset securities trading platform in transactions worth more than $2.4 trillion monthly.



Source: BleepingComputer



Bạn cũng có thể quan tâm

4 tháng 6, 2024
Bộ định tuyến chơi game TP-Link Archer C5400X dễ mắc phải các lỗi bảo mật có thể cho phép kẻ tấn công từ xa, không được xác thực thực thi các lệnh trên thiết bị.
3 tháng 6, 2024
Ngày 27 tháng 5 Check Point đã cảnh báo rằng các tác nhân đe dọa đang nhắm mục tiêu vào các thiết bị VPN truy cập từ xa của Check Point trong một chiến dịch đang diễn ra nhằm xâm phạm mạng doanh nghiệp.
31 tháng 5, 2024
Công ty quản lý đơn thuốc Sav-Rx cảnh báo hơn 2,8 triệu cá nhân ở Hoa Kỳ việc họ đã bị vi phạm dữ liệu và dữ liệu cá nhân của họ đã bị đánh cắp trong một cuộc tấn công mạng năm 2023.
Thêm bài viết
Share by: