Revolut has suffered a serious data breach which may have led to the compromise of over 50,000 customers’ personal information.
The fintech giant, which is licensed in Lithuania, said in a statement the attack was “highly targeted” and that a malicious actor was only able to access 0.16% of customers’ data for a “short period” of time.
“We immediately identified and isolated the attack to effectively limit its impact and have contacted those customers affected. Customers who have not received an email have not been impacted,” it continued.
“To be clear, no funds have been accessed or stolen. Our customers’ money is safe – as it has always been. All customers can continue to use their cards and accounts as normal.”
However, a notice from the Lithuanian data protection regulator the State Data Protection Inspectorate (VDAI) provided more details.
It estimated that 50,150 global customers, including 20,687 in the European Economic Area (EEA), may have had personal data stolen.
This includes names, postal and email addresses, telephone numbers, partial card details and account information.
The regulator urged affected customers to be on high alert for follow-on phishing and fraud scams using these details.
“Cyber-criminals are constantly looking for ways to make money at your expense and try to exploit human emotions in order to extract the information they need directly from you using social engineering techniques. Scammers usually follow the same principle – they try to force you to take actions without thinking about them after starting an emotional conversation,” it said.
“Malicious persons and fraudsters may try, using the publicized information about this breach of personal data security, to trick you with various login or other important personal data, offer some fictitious services and ask you to pay for them.”
In fact, reports are already starting to emerge of phishing attempts.