Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Fintech. Show all posts
fintech companies
Cyber Security digital financial crime Digital Payment fake error messages Fintech fintech companies

Zoho Books Dispute Highlights Third-Party Payment Error Impacting FlexyPe Transactions

 

A conflict involving the fintech firm FlexyPe and the accounting platform Zoho has highlighted potential dangers when external tools connect to financial platforms. Problems emerged following inconsistencies found in FlexyPe's payment logs, which it first linked to flaws within Zoho Books. 

Out of the blue, FlexyPe's Azeem Hussain shared that a hands-on review of financial records showed some transaction failures wrongly labeled as completed. Because of this mismatch, around ₹3.8 lakh appeared logged in Zoho Books as paid - though the money never arrived. While checking entries line by line, the team spotted the gap between system data and real bank inflows. Since then, corrections have been made to reflect what actually moved through the accounts. 

Still nothing arrived, yet Zoho claimed otherwise, Hussain noted - wondering just how many months slipped by undetected. Processing vast numbers of transactions every day, the company now examines its finances more deeply, tracing back twenty-four months to uncover further mismatches that might exist. Still, Zoho pushed back hard against the allegations, insisting the fault lay elsewhere. 

Its official statement pointed to a different source: problems emerged not from inside its own systems. Instead, trouble began when Cashfree Payments - handling payments externally - marked failed attempts as complete. This mismatch fed faulty data into FlexyPe’s records. The result? Discrepancies piled up where numbers should have balanced. Zoho pointed out how its staff helped FlexyPe trace the core problem, while mentioning Cashfree’s public admission of the flaw. 

Although the inquiry wasn’t finished, FlexyPe aired accusations online - a move Zoho called premature. Because of this, the firm views those statements as inaccurate, which might lead to legal steps. Now, questions arise about timing, given the early release of unverified details by one party. Cashfree Payments addressed the matter, stating they found the problem within their system and are now moving forward with corrective steps. 

While building a lasting answer, a short-term adjustment went live to keep FlexyPe running smoothly. Even after clear explanations, legal steps are being prepared by Hussain to claim back money lost because of the event. What happened shows why checking records carefully matters - especially when outside software plays a key role in handling finances. When companies depend more on linked systems, this event shows how small connection mistakes might trigger serious problems in operations and costs.
Read more »
Technology
AI Data data security Fintech India Technology

India's Fintech Will Focus More on AI & Compliance in 2026


India’s Fintech industry enters the new year 2026 with a new set of goals. The industry focused on rapid expansion through digital payments and aggressive customer acquisition in the beginning, but the sector is now focusing more towards sustainable growth, compliance, and risk management. 

“We're already seeing traditional boundaries blur- payments, lending, embedded finance, and banking capabilities are coming closer together as players look to build more integrated and efficient models. While payments continue to be powerful for driving access and engagement, long-term value will come from combining scale with operational efficiency across the financial stack,” said Ramki Gaddapati, Co-Founder, APAC CEO and Global CTO, Zeta.

India’s fintech industry is preparing to enter 2026 with a new Artificial intelligence (AI) emerging as a critical tool in this transformation, helping firms strengthen fraud detection, streamline regulatory processes, and enhance customer trust.

What does the data suggest?

According to Reserve Bank of India (RBI) data, digital payment volumes crossed 180 billion transactions in FY25, powered largely by the Unified Payments Interface (UPI) and embedded payment systems across commerce, mobility, and lending platforms. 

Yet, regulators and industry leaders are increasingly concerned about operational risks and fraud. The RBI, along with the Bank for International Settlements (BIS), has highlighted vulnerabilities in digital payment ecosystems, urging fintechs to adopt stronger compliance frameworks. A

AI a major focus

Artificial intelligence is set to play a central role in this compliance-first era. Fintech firms are deploying AI to:

Detect and prevent fraudulent transactions in real time  

Automate compliance reporting and monitoring  

Personalize customer experiences while maintaining data security  

Analyze risk patterns across lending and investment platforms  

Moving beyond payments?

The sector is also diversifying beyond payments. Fintechs are moving deeper into credit, wealth management, and banking-related services, areas that demand stricter oversight. It allows firms to capture new revenue streams and broaden their customer base but exposes them to heightened regulatory scrutiny and the need for more robust governance structures.

“The DPDP Act is important because it protects personal data and builds trust. Without compliance, organisations face penalties, data breaches, customer loss, and reputational damage. Following the law improves credibility, strengthens security, and ensures responsible data handling for sustained business growth,” said Neha Abbad, co-founder, CyberSigma Consulting.




Read more »
Theft
Banks Brazil Cyber Fraud Fintech Theft

Hackers Target Brazilian Payments Provider in Attempted $130 Million Theft

 



A concerning cyber incident has shaken Brazil’s financial technology sector after criminals attempted to steal nearly $130 million through the country’s real-time payments network, Pix. The breach was detected on August 29, 2025, when Sinqia S.A., a São Paulo-based financial software company owned by Evertec, noticed unauthorized activity in its systems.


What Happened

According to Evertec’s disclosure to the U.S. Securities and Exchange Commission, attackers gained entry into Sinqia’s Pix environment and tried to initiate unauthorized business-to-business transfers. Pix, operated by the Central Bank of Brazil, is an instant payments platform that has become the country’s most widely used method for digital transfers since its launch in 2020.

The attempted theft targeted two financial institutions connected to Sinqia’s services. Once the suspicious activity was detected, Sinqia suspended all Pix-related transactions and brought in external cybersecurity experts to investigate.


How the Attackers Broke In

Initial findings show that the hackers gained access by using stolen credentials belonging to an IT service provider. By leveraging legitimate login details, they were able to penetrate Sinqia’s Pix environment and attempt large-scale transfers. This method, often referred to as a supply chain or vendor compromise, has become increasingly common in financial cyberattacks because it exploits trusted third-party relationships.

So far, Evertec has found no evidence that the breach extended beyond Sinqia’s Pix systems or that customer data was exposed.


Response and Recovery

As a precaution, the Central Bank of Brazil revoked Sinqia’s access to Pix until it can confirm the environment is secure. This suspension directly affects 24 financial institutions that rely on Sinqia to process instant transfers. The company has stated that some of the stolen funds have already been recovered, though it has not disclosed the amount. Recovery efforts are still underway, and the overall financial and reputational impact remains uncertain.

Evertec acknowledged that the consequences could be “material,” particularly in relation to customer trust and the company’s internal controls. Investigations are ongoing, and Sinqia continues to work with regulators and forensic experts to restore secure access to Pix.


Why This Matters

The case stresses upon the risks facing modern payment systems that operate at high speed and high volume. Pix is widely used in Brazil for everything from personal transfers to business payments, making it an attractive target for cybercriminals. By exploiting vendor credentials, attackers can bypass traditional defenses and reach critical financial infrastructure.

For banks, service providers, and regulators, the incident underscores the importance of constant vigilance, strict vendor oversight, and layered defenses against credential theft. For users, it is a reminder of both the convenience and the risks that come with instant payment systems.

Investigations are still unfolding, and more details are expected in the coming weeks as Evertec and Brazilian authorities work to close the breach and strengthen protections.



Read more »
Security
AI Banking Biometrics Cyber Crime Fintech Fraud identity Payments Scams Security

Account Takeover Fraud Surges as Cybercriminals Outpace Traditional Bank Defenses

 

As financial institutions bolster their fraud prevention systems, scammers are shifting tactics—favoring account takeover (ATO) fraud over traditional scams. Instead of manipulating victims into making transactions themselves, fraudsters are bypassing them entirely, taking control of their digital identities and draining funds directly.

Account takeover fraud involves unauthorized access to an individual's account to conduct fraudulent transactions. This form of cybercrime has seen a sharp uptick in recent years as attackers use increasingly advanced techniques—such as phishing, credential stuffing, and malware—to compromise online banking platforms. Conventional fraud detection tools, which rely on static behavior analysis, often fall short as bad actors now mimic legitimate user actions with alarming accuracy.

According to NICE Actimize's 2025 Fraud Insights U.S. Retail Payments report, the share of account takeover incidents has increased in terms of the total value of fraud attempts between 2023 and 2024. Nevertheless, scams continue to dominate, making up 57% of all attempted fraud transactions.

Global financial institutions witnessed a significant spike in ATO-related incidents in 2024. Veriff's Identity Fraud Report recorded a 13% year-over-year rise in ATO fraud. FinCEN data further supports this trend, revealing that U.S. banks submitted more than 178,000 suspicious activity reports tied to ATO—a 36% increase from the previous year. AARP and Javelin Strategy & Research estimated that ATO fraud was responsible for $15.6 billion in losses in 2024.

Experts emphasize the need to embrace AI-powered behavioral biometrics, which offer real-time identity verification by continuously assessing how users interact with their devices. This shift from single-point login checks to ongoing authentication enables better threat detection while enhancing user experience. These systems adapt to variables such as device type, location, and time of access, supporting the NIST-recommended zero trust framework.

"The most sophisticated measurement approaches now employ AI analytics to establish dynamic baselines for these metrics, enabling continuous ROI assessment as both threats and solutions evolve over time," said Jeremy London, director of engineering for AI and threat analytics at Keeper Security.

Emerging Fraud Patterns
The growth of ATO fraud is part of a larger evolution in cybercrime tactics. Cross-border payments are increasingly targeted. Although international wire transfers declined by 6% in 2024, the dollar value of fraud attempts surged by 40%. Fraudsters are now focusing on high-value, low-volume transactions.

One particularly vulnerable stage is payee onboarding. Research shows that 67% of fraud incidents were linked to just 7% of transactions—those made to newly added payees. This finding suggests that cybercriminals are exploiting the early stages of payment relationships as a critical vulnerability.

Looking ahead, integrating multi-modal behavioral signals with AI-trained models to detect sophisticated threats will be key. This hybrid approach is vital for identifying both human-driven and synthetic fraud attempts in real-time.
Read more »
OpenAI partnership
AI capabilities AI Systems AI technology AI Tool Customer Service Cyber Security Fintech OpenAI OpenAI partnership

Klarna Scales Back AI-Led Customer Service Strategy, Resumes Human Support Hiring

 

Klarna Group Plc, the Sweden-based fintech company, is reassessing its heavy reliance on artificial intelligence (AI) in customer service after admitting the approach led to a decline in service quality. CEO and co-founder Sebastian Siemiatkowski acknowledged that cost-cutting took precedence over customer experience during a company-wide AI push that replaced hundreds of human agents. 

Speaking at Klarna’s Stockholm headquarters, Siemiatkowski conceded, “As cost unfortunately seems to have been a too predominant evaluation factor when organizing this, what you end up having is lower quality.” The company had frozen hiring for over a year to scale its AI capabilities but now plans to recalibrate its customer service model. 

In a strategic shift, Klarna is restarting recruitment for customer support roles — a rare move that reflects the company’s need to restore the quality of human interaction. A new pilot program is underway that allows remote workers — including students and individuals in rural areas — to provide customer service on-demand in an “Uber-like setup.” Currently, two agents are part of the trial. “We also know there are tons of Klarna users that are very passionate about our company and would enjoy working for us,” Siemiatkowski said. 

He stressed the importance of giving customers the option to speak to a human, citing both brand and operational needs. Despite dialing back on AI-led customer support, Klarna is not walking away from AI altogether. The company is continuing to rebuild its tech stack with AI at the core, aiming to improve operational efficiency. It is also developing a digital financial assistant designed to help users secure better interest rates and insurance options. 

Klarna maintains a close relationship with OpenAI, a collaboration that began in 2023. “We wanted to be [OpenAI’s] favorite guinea pig,” Siemiatkowski noted, reinforcing the company’s long-term commitment to leveraging AI. Klarna’s course correction follows a turbulent financial period. After peaking at a $45.6 billion valuation in 2021, the company saw its value drop to $6.7 billion in 2022. It has since rebounded and aims to raise $1 billion via an IPO, targeting a valuation exceeding $15 billion — though IPO plans have been paused due to market volatility. 

The company’s 2024 announcement that AI was handling the workload of 700 human agents disrupted the call center industry, leading to a sharp drop in shares of Teleperformance SE, a major outsourcing firm. While Klarna is resuming hiring, its overall workforce is expected to shrink. “In a year’s time, we’ll probably be down to about 2,500 people from 3,000,” Siemiatkowski said, noting that attrition and further AI improvements will likely drive continued headcount reductions.
Read more »
Security Incident
Data Breach Data Leak Financial Data Fintech Security Incident

Fintech Giant Finastra Breach Exposed Private Data, Company Notifies Victims

 

The financial technology behemoth Finastra is alerting victims of a data breach after unidentified hackers initially gained access to its networks in October 2024 and took their personal data. More than 8,100 financial institutions in 130 countries, including 45 of the top 50 banks in the world, rely on London-based Finastra to supply financial services software applications.

The security incident was discovered on November 7 after Finastra detected malicious activity on some of its systems, as the business warned in breach notification letters given to those impacted by the breach. 

"Our investigation revealed that an unauthorized third party accessed a Secure File Transfer Platform (SFTP) at various times between October 31, 2024 and November 8, 2024. Findings from the investigation indicate that on October 31, 2024, the unauthorized third party obtained certain files from the SFTP," the fintech giant noted. 

"Finastra has no indication the unauthorized third party further copied, retained, or shared any of the data. We have no reason to suspect your information has or will be misused. As a result, we believe the risk to individuals whose personal data was involved is low.” 

At least 65 people in the state whose financial account information was stolen received breach notification letters from Finastra last week, although the company has not yet disclosed the number of victims or the type of data that was compromised (apart from the names of the victims), according to filings with the Massachusetts Attorney General's office. 

Additionally, the financial services organisation offers those whose information was compromised or stolen in the incident two years of free credit monitoring and identity restoration services through Experian.

The hack is believed to be connected to a (now-deleted) post on the BreachForums online cybercrime community by a threat actor called "abyss0" who claimed to sell 400GB of data allegedly stolen from Finastra's network, despite the fact that Finastra only revealed a very small amount of information in filings with Attorney General offices.

Last year in November, when a local media outlet enquired about the forum post, a Finastra spokesperson declined to confirm or deny ownership of the data, stating that the company experienced a limited-scope security incident and is assessing its impact.

"On November 7, 2024 Finastra's Security Operations Center (SOC) detected suspicious activity related to an internally hosted Secure File Transfer Platform (SFTP) we use to send files to certain customers," Finastra added. 

Finastra was also forced to shut down parts of its systems in March 2020 to combat what Tom Kilroy, the company's Chief Operating Officer at the time, described as a ransomware attack. While the company did not disclose how the attackers got access to its systems, cyber threat intelligence firm Bad Packets discovered that Finastra had many unpatched Pulse Secure VPN and Citrix ADC (NetScaler) servers prior to the attack.
Read more »
tokenization
Banking Biometrics contactless Cyber Security Fintech Fraud mobile wallet Payments Security tokenization

Mastercard to Eliminate 16-Digit Card Numbers by 2030 for Enhanced Security

 

In a strategic move to combat identity theft and fraud, Mastercard has announced plans to remove the traditional 16-digit card number from credit and debit cards by 2030. Instead, the company will implement tokenization and biometric authentication to enhance security.

Mastercard has been integrating biometric authentication into its payment ecosystem since 2022, allowing transactions to be completed with a smile or a hand wave. Now, the next phase involves replacing card numbers with tokens, which transform the 16-digit identifier into a unique digital code stored on devices. This ensures that card details are never exposed during online or contactless transactions.

The initial rollout of these numberless cards will be in collaboration with AMP Bank, with additional financial institutions expected to adopt the technology in the coming year.

Receiving a suspicious transaction alert from the bank can be alarming, and for good reason—payment fraud has been on the rise. In Australia, fraudulent card transactions amounted to A$868 million in 2023-24, up from A$677.5 million the previous year.

Data breaches continue to expose sensitive financial information, with major incidents involving Marriott, Starwood Hotels, and Ticketmaster affecting hundreds of millions of customers worldwide. In Australia, card-not-present fraud—where transactions occur without the physical card—accounts for 92% of all card fraud, increasing by 29% in the last financial year.

Although the Card Verification Value (CVV) was introduced to verify physical card possession, its effectiveness has diminished over time.

By removing the card number, Mastercard aims to reduce unauthorized transactions and minimize risks associated with data breaches. Without stored payment details, compromised databases will no longer expose customers’ financial information.

This move aligns with broader industry concerns about data storage and privacy, highlighted by incidents such as the 2022 Optus data breach, which leaked historical customer data. Eliminating stored card details prevents future attacks from leveraging outdated information.

Challenges in Adopting the New System

While digital banking users may find the transition seamless, concerns arise regarding accessibility. Elderly consumers and individuals with disabilities who rely on traditional banking methods might struggle with the shift to mobile authentication.

Additionally, shifting security reliance from physical cards to mobile devices introduces new risks. SIM swapping and impersonation scams already enable criminals to take over victims' phone accounts, and these tactics could escalate as digital payment systems evolve.

Biometric authentication presents another challenge—unlike credit card details, biometric data is immutable. If compromised, it cannot be changed, increasing the stakes of potential identity theft. Previous breaches, such as the BioStar 2 security lapse and Australia’s Outabox facial recognition exposure, highlight the risks of biometric data leaks.

As contactless payments continue to grow, physical cards may soon become unnecessary. In 2023, mobile wallet transactions in Australia surged 58%, reaching $146.9 billion. By October 2024, nearly 44% of transactions were conducted via mobile devices.

Retail innovations like Amazon’s Just Walk Out technology are accelerating this trend. Currently deployed across 70 Amazon-owned stores and 85 third-party locations, the system uses AI-powered cameras and weight sensors to enable checkout-free shopping. Companies like Trigo, Cognizant, and Grabango are also developing similar smart retail solutions, with trials underway in major supermarket chains like Tesco and ALDI.

However, even in frictionless shopping experiences, consumers must initially enter card details into payment apps. To eliminate the need for cards and numbers entirely, biometric payments—such as facial recognition transactions—are gaining traction as the next frontier in secure digital commerce.
Read more »
Transactions
Cyber Fraud Digital Payment Financial Fraud Fintech RBI Transactions

Fintechs Encouraged to Join National Cyber Fraud Reporting System


The Fintech Association of India (FACE) has urged its members to register on the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS). This platform, part of the broader National Cybercrime Reporting Portal, facilitates the reporting and management of financial cyber frauds. By joining, fintech companies can better handle customer complaints and collaborate with law enforcement to prevent fraud.

This initiative by FACE is noteworthy, especially as it seeks approval to become a self-regulatory organisation (SRO) for fintech lenders. The Reserve Bank of India (RBI) is expected to announce its decision soon, with FACE and the Digital Lenders’ Association of India both in the running to be recognised as an SRO. The establishment of an SRO will likely lead to more stringent industry oversight, promoting higher standards of operation and better consumer protection within the fintech sector.

The push for fintechs to join the CFCFRMS comes at a critical time. As digital transactions grow more common, the opportunities for cyber fraud have increased. The convergence of various financial entities— such as banks, non-banking financial companies, insurance providers, and payment services—has created more potential points of vulnerability. The CFCFRMS is designed to coordinate the efforts of all stakeholders, enabling action to block fraudulent transactions before they can be completed.

RBI’s New Platform to Combat Payment Frauds

In a parallel effort to bolster cybersecurity, the RBI is developing the Digital Payments Intelligence Platform (DPIP). This platform aims to use cutting-edge technology to detect and prevent payment fraud. A committee led by A P Hota, former CEO of the National Payments Corporation of India, is currently formulating recommendations for the DPIP, which is expected to upgrade the ability to share real-time data across the payment ecosystem. This initiative is especially important in addressing frauds where victims are tricked into making payments or divulging sensitive information.

Alarming Increase in Cyber Fraud Losses

The importance of these measures is empathised by recent statistics from the Ministry of Finance. Financial losses due to cyber fraud have more than doubled in the last fiscal year, rising to Rs 177.05 crore in FY24 from Rs 69.68 crore in FY23. This sharp increase underlines the growing threat posed by cybercriminals and the need for more robust security measures.

Public Awareness and Digital Payment Safety

While the rise in cyber fraud is concerning, a survey by the RBI offers some reassurance. According to the survey, 94.5% of digital payment users have not experienced fraud. However, the risk remains, especially in semi-urban areas, where fraud attempts are slightly more common than in metropolitan regions. The most prevalent form of fraud is vishing, or voice phishing, where criminals trick individuals into revealing sensitive information over the phone. Other common tactics include phishing emails, misuse of payment requests, and remote access scams.

As digital payments become increasingly integrated into everyday life, ensuring their safety is crucial. Initiatives like CFCFRMS and DPIP are essential in building a secure and trustworthy digital financial environment. By building up on fraud prevention measures, these platforms can help maintain public confidence and encourage wider adoption of digital payment systems.


Read more »
Fintech Frenzy
Cyber Victim Cyberattacks CyberCrime Data Breach Evolve Breach Fintech Fintech Frenzy

Fintech Frenzy as Affirm and Others Emerge as Victims in Evolve Breach

 


The recent attack on one of the largest financial services providers has led to a problem for many companies that work with the provider, two of which have already alluded to possible negative implications for customer data due to the attack. There has been a strong rumour that the LockBit group successfully hacked the US Federal Reserve earlier last week, which has caused the group to receive some undue attention. A breach had also occurred at the far lesser Evolve Bank & Trust, a far less serious breach. Memphis-based Evolve has released a statement regarding the incident. 

According to the statement, the attack was triggered by an Evolve employee clicking on a malicious phishing link sent to him in late May. Even though the attackers did not access most of the cash that customers had in their accounts, the hackers had access to and downloaded their personal information from databases and a file share. Furthermore, the company encrypted some of its data, but since backups were made, the company had to deal with limited loss of data and impact on its operations. Several days ago, the Federal Reserve Board announced that it would enforce the anti-money laundering, risk management, and consumer compliance programs of Evolve Bank & Trust. It accused the company of deficiencies in these areas, as well as other areas. 

In a statement the Federal Reserve published in February 2023, the Fed noted that examinations conducted in 2023 found that Evolve had a risk-management program and controls that were not adequate to comply with anti-money laundering laws and consumer protection laws. According to Stephen Gates, principal security SME for Horizon3.AI, the biggest decision any organization needs to make once they have experienced a breach is what to do about what they are going to do next once the smoke begins to clear. 

A regulated bank, Evolve Bank & Trust, provided USD account details, between 2020 and 2023 as part of the contract with the bank. Recently, Wise has been the victim of a data breach involving the personal information of perhaps some of the company's customers. Wise customers need identifying information for Evolve Bank & Trust to provide USD account details. Information that the company shared with Evolve Bank & Trust to provide USD account details, such as names, addresses, dates of birth, contact info, SSNs or EINs for US customers, or another document number for non-US customers. Neither Evolve nor the company has confirmed what data was affected. 

The LockBit ransomware group recently attacked Evolve Bank, an Arkansas-based financial institution. The attack resulted in data leaks on the Dark Web. After claiming to have hacked the US Fed earlier this week, LockBit got a lot of attention. When LockBit posted a threat to release "33 terabytes of juicy banking information containing Americans' banking secrets" if a ransom was not paid, it released some of the stolen data. At the end of the month, LockBit was kicked out of Evolve's system. 

As soon as the victim wouldn't pay the ransom, the group leaked the information. It's also a payments processor, and it offers business-to-business (B2B) banking-as-a-service (BaaS) and business-to-consumer (B2C) banking-as-a-service. More victims are coming forward of the breach, which has affected more than just its direct customers. The multibillion-dollar London-based fintech company Wise, according to a statement released last week, disclosed its partnership with Evolve Bank & Trust from 2020 to 2023. 

During this period, Wise collaborated with Evolve to "provide USD account details" to its customers. To facilitate this service, Wise shared sensitive customer information with Evolve, including names, addresses, dates of birth, contact details, and identification numbers, such as employer identification numbers and Social Security numbers. Wise indicated that this data "may have been involved" in Evolve's recent security breach. Similarly, the buy now, pay later (BNPL) company Affirm, which utilizes Evolve for the issuance and servicing of its Affirm Cards, reported potential exposure of customer information. 

Although Affirm clarified that customers' cards remained unaffected, the personal data shared with Evolve posed a significant concern. In an 8-K filing with the Securities and Exchange Commission (SEC), Affirm stated, "The full scope, nature, and impact of the incident on the Company and Affirm Card users, including the extent to which there has been unauthorized access to Affirm Card user Personal Information, are not yet known." Evolve's breach has prompted many of its other prominent partners in the financial services industry, including Stripe and Shopify, to investigate the potential impact on their customers' data. The situation remains under scrutiny as these companies assess whether their customers' sensitive information has been compromised.
Read more »
Third-Party Risks
Bank Data Leak Customer Data Data Breach Data Leak Financial Data Breach Fintech Ransomware attack Third-Party Risks

Wise and Evolve Data Breach Highlights Risks of Third-Party Partnerships

 

Wise, a prominent financial technology company, recently disclosed a data breach impacting some customer accounts due to a ransomware attack on their former partner, Evolve Bank & Trust. The breach has raised significant concerns about the security of third-party partnerships, especially in financial services. From 2020 to 2023, Wise partnered with Evolve to provide USD account details for their customers. Last week, Evolve confirmed an attack attributed to the notorious ransomware group LockBit. 

The group leaked the data after the bank refused to pay the ransom. The breach underscores the precarious nature of relying on third-party companies for critical services and trusting their security measures. Evolve has not yet confirmed the specific personal information leaked. However, Wise has taken a transparent approach, confirming that the shared information included names, addresses, dates of birth, contact details, Social Security numbers (SSNs) or Employer Identification Numbers (EINs) for U.S. customers, and other identity document numbers for non-U.S. customers. 

Evolve’s initial investigation suggests that names, SSNs, bank account numbers, and contact information for most of their personal banking customers, as well as customers of their Open Banking partners, were affected. In response to the breach, Wise assured its customers that they no longer work with Evolve Bank & Trust. Currently, USD account details are provided by a different bank, emphasizing their commitment to security and customer trust. 

Wise has implemented additional security protocols and is collaborating with cybersecurity experts to understand the breach’s scope and fortify their defenses. Wise has proactively communicated with its customers, recommending precautionary steps such as changing passwords, enabling two-factor authentication, and monitoring account activity for any suspicious transactions. They have also provided resources and support to help customers protect their information. The breach has heightened concerns among customers regarding the security of their personal and financial information. 

Despite the challenges posed by the breach, Wise’s proactive approach and transparent communication have helped reassure customers. The company continues to work closely with cybersecurity experts to enhance their defenses and prevent future incidents. As the investigation progresses, Wise is determined to provide regular updates and support to affected customers. Their dedication to transparency and user security remains unwavering, ensuring that they take every step necessary to safeguard their users’ information and maintain their trust. 

This incident highlights the growing threat of cyberattacks on financial institutions and the critical need for robust security measures. Customers are reminded to stay alert and take proactive steps to protect their online accounts. Wise’s efforts to address the breach and protect their users underscore their commitment to maintaining trust and security for their customers.
Read more »
Traders
Cybersecurity Data Breach Data Exposure Direct Trading Technologies Fintech Security Breach Traders

Direct Trading Technologies Exposes Data of 300K Traders in Major Security Breach

 

Direct Trading Technologies (DTT), an international fintech enterprise, has compromised the security of more than 300,000 traders by inadvertently exposing their confidential information and trading histories, potentially exposing them to the risk of unauthorized account access.

On October 27th, the research team at Cybernews identified a misconfigured web server containing backups and development code believed to be associated with Direct Trading Technologies. The company, which operates globally and specializes in providing trading platforms for various financial instruments, including stocks, forex, precious metals, energies, indices, Contracts for Difference (CFDs), and cryptocurrencies, also extends its services through white-label solutions. 

While its primary clientele is situated in Saudi Arabia, Direct Trading Technologies maintains offices in multiple countries, including the UK, Lithuania, UAE, Kuwait, Colombia, Turkey, Bahrain, Lebanon, and the Republic of Vanuatu. Within the identified directory, several database backups were found, each containing substantial amounts of sensitive information concerning the company's users and partners. The breach introduces a spectrum of potential risks, ranging from identity theft to the takeover and unauthorized withdrawal of funds from traders' accounts.

Upon discovery, Cybernews promptly notified the company of their findings. Although the identified issues were rectified, an official response from Direct Trading Technologies is still pending.

The leaked data encompasses the trading activities of more than 300,000 users spanning the last six years, including names, email addresses, correspondence sent by the company, and IP addresses. Notably, individuals using the company's email addresses, possibly employees, had their passwords exposed in plaintext. Hashed passwords for accessing user accounts on the DTT trading platform were also among the leaked information. Furthermore, certain clients had their home addresses, phone numbers, and partial credit card details exposed.

The comprehensive list of leaked data includes:
  • Trading account activity
  • Contents of emails sent by DTT
  • User IP addresses, emails, usernames, and plaintext passwords
  • Notes on outreach calls
  • Names
  • Email addresses
  • Phone numbers
  • Home addresses
  • Hashed passwords
  • Database endpoints and plaintext credentials of white-label customers (endpoints were protected by IP whitelists)
  • Locations where KYC documents are stored, filenames, types, expiration dates, and other metadata
While the KYC documents themselves were not compromised, the leaked files disclosed the locations where the documents are stored and additional metadata.

The credentials of clients utilizing the white-label service were exposed in plaintext, alongside details regarding database locations and negotiated commission percentages. The leaked information also contained internal comments from the company's outreach team, including derogatory terms used to categorize certain clients in the company's system.

Given the rapid growth of the fintech industry, this breach serves as a stark reminder of the crucial importance of robust cybersecurity measures. Fintech companies, entrusted with managing highly sensitive customer data, become prime targets for threat actors, especially considering the substantial value held in traders' accounts. 

With access to leaked data from a trading platform, attackers possess ample information to launch various malicious activities, including account takeovers, phishing, identity theft, and malware exploits based on leaked IPs. The potential threat is heightened by the fact that Direct Trading Technologies offers white-label services to numerous firms, storing credentials for clients' databases. While this could pose an additional threat, accessing these databases would require attackers to compromise a trusted network, adding an extra layer of complexity to the potential threat.
Read more »
Tokens
Blockchain Crypto cryptocurrency Decentralized Digital Assets digital currency Fintech NFTs Smart Contracts Technology Tokens

The United States is Monitoring Vulnerabilities in Bitcoin

 

The United States has shown a keen interest in the cybersecurity aspects of Bitcoin, particularly honing in on a vulnerability associated with the Ordinals Protocol in 2022. The National Vulnerability Database (NVD), overseen by the National Institute of Standards and Technology (NIST), a branch of the U.S. Department of Commerce, has brought attention to this issue for public awareness. This underscores the growing focus of government agencies on the security dimensions of cryptocurrencies.

The vulnerability at the core of this development is specific to certain versions of Bitcoin Core and Bitcoin Knots. It enables the bypassing of the datacarrier limit by disguising data as code. In practical terms, this vulnerability could result in the Bitcoin network being inundated with non-transactional data, potentially causing congestion in the blockchain and affecting performance and transaction fees. This concern is not merely theoretical, as evidenced by the exploitation of the Ordinals inscriptions in 2022 and 2023.

The Ordinals gained prominence in late 2022, involving the embedding of additional data onto a satoshi, the smallest Bitcoin unit, similar to the concept of nonfungible tokens (NFTs) on the Ethereum network. However, the increased usage of Ordinals transactions has led to heightened network congestion, resulting in elevated transaction fees and slower processing times. For blockchain enthusiasts, these issues are not just technical glitches but critical challenges that could influence the future trajectory of Bitcoin.

Luke Dashjr, a Bitcoin Core developer, has been outspoken about this vulnerability, likening it to receiving a flood of junk mail that obstructs essential communications. This metaphor aptly encapsulates the essence of the vulnerability, disrupting the otherwise streamlined process of Bitcoin transactions.

In response to these concerns, a patch has been developed in Bitcoin Knots v25.1. However, Dashjr notes that Bitcoin Core remains vulnerable in its upcoming v26 release. He expresses hope that the issue will be addressed in the v27 release next year. The implications of this vulnerability and its subsequent patching are substantial. Rectifying the bug could limit Ordinals inscriptions, although existing inscriptions would persist due to the immutable nature of the network.

This situation underscores a broader theme in the cryptocurrency world: the constant evolution and the need for vigilance in maintaining network security. The involvement of U.S. federal agencies in tracking and cataloging these vulnerabilities may signify a step toward more robust and secure blockchain technologies. While the identification of Bitcoin's vulnerability by the NVD serves as a cautionary tale, it also presents an opportunity for growth and improvement in the cryptocurrency ecosystem.
Read more »
Security
Application Security Cyber Security DeFi Fintech fintech companies IAM Identity and Access Management Security

FinTech Sector Emerges as a Prominent Target for Cybercriminals


Like every other sector that has evolved, thanks to the innovative digital transformation it has adopted, cybercrime has become a significant challenge in the finances of organizations. As per research by VMware’s Modern Bank Heist, there has been an increase of a whopping 238% in cyberattacks on companies’ financial sectors since the wake of the COVID-19 pandemic. 

A series of cyberattacks witnessed recently on the DeFi platform illustrates how fintech companies have emerged as a prominent target and a big prize to cyber criminals. Particularly when it comes to fintech apps, there is often a huge possibility for profit. Attackers can also do greater damage by going after tech users, who may have adopted comparatively less stringent cybersecurity measures. One malicious software can deprive fintech consumers of their assets and ruin the reputation of the financial organization. 

Considering the seriousness of the constantly evolving threat, fintech companies are now required to reconsider their approach including their identity and access control strategies, in order to ensure sure that their platforms are equally trusted by consumers and businesses. It is crucial to implement the right controls to maintain an organization's security posture as this industry continues to transition to the cloud, but doing so presents a unique set of problems. 

Why Are FinTech Applications Hard to Secure? 

While cloud development has emerged as a breakthrough, garnering the opportunity for new apps to be made possible and existing apps to operate more smoothly than before, it has also rapidly increased the number of potential attack surfaces and created additional opportunities for configuration errors, human mistake, and identity management problems. 

Any form of change makes a company vulnerable at the cloud scale, whether it is upgrading an outdated program to a new and better cloud-based architecture or enhancing current capabilities. Due to the fact that an infrastructure's attack surface now expands and is dynamic in the cloud, this can further increase the explosion radius of a single attack. 

Fintech applications must also adhere to strict regularity standards that differ from country to country and frequently incur heavy fines for noncompliance. 

Since operating in the financial sector requires a greater standard of accountability towards clients and the entire sector, which can be a challenging task, organizations must assure visibility, dependability, and proper configuration as a result of fintech. 

Fintech companies need to maintain a tight grasp on security and privacy from the very beginning of growth, especially as third-party services continue to expand, in order to remain competitive in this extremely crowded market. 

How can FinTech Sector be Secured? 

Since fintech organizations are more dependent on vendors and other partners like manufacturers, suppliers, and subcontractors and an increasingly complex supply chain. This further could be a reason for the system being exposed to potential attackers. 

Companies frequently lack visibility into their third- and fourth-party partners, and consequently, the large amount of data that is available to them. Interoperability is crucial in today's software-centric world, but it frequently makes firms even more vulnerable to attackers. 

Fintech developers are thus advised to continuously be vigilant for potential problems with the software supply chain and the security risks that third-party services may pose to their companies. 

We are listing more measures that could be adopted by fintech organizations to safeguard themselves from potential cyber-attacks that could hinder their security: 

  • Companies must be aware of the entities that have access to their data and applications, along with their location and what they do with it. It will be crucial to integrate identity and access management (IAM) systems as dangers inside fintech continue to develop significantly.
  • An organization must have the appropriate technology and tactics in place to safeguard and comply with industry regulations as well as to consistently protect its sensitive data, especially in the cloud. IAM systems, for instance, offer businesses protection without impeding progress or burdening their teams with the extra workload. 
Unfortunately, the security risks offered by financially motivated cybercriminals will only get more advanced over time. The fintech sector must adopt a proactive security posture and a strong identity and access management strategy that can handle the complexity and scope of today's cloud security concerns in order to meet the pressure to protect sensitive client data.   

Read more »
Technology
Binance Bitcoin Blockchain China Crypto Currency Digital Asset HahKey Fintech FTX Hong Kong Singapore Technology

Hong Kong Will Legalize Retail Crypto Trading to Establish a Cryptocurrency Hub

 


A plan to legalize retail cryptocurrency trading has been announced by Hong Kong to create a more friendly regulatory regime for cryptocurrencies. There has been an opposite trend over the last few years in the city, with skeptical views, as well as China's ban on the practice. 

According to sources familiar with the matter, an upcoming mandatory licensing program for crypto platforms scheduled to take effect in March next year will allow retail traders access to crypto platforms. There has been a request not to name these people since they are not authorized to release this information publicly.

There have been reports that the regulators are planning to allow the listing of higher-value tokens in the coming months but will not endorse specific coins such as Bitcoin or Ether, according to the people. They noted that the details and timeframe are yet to be finalized since a public consultation is due first.

At a fintech conference that starts on Monday, the government is expected to provide more details regarding its recently announced goal of creating a top crypto hub in the region. To restore Hong Kong's reputation as a financial center after years of political turmoil and the aftermath of Covid curbs sparked a talent exodus, the marketing campaign comes amid a larger effort to put Hong Kong back on the map.

Gary Tiu, executive director at crypto firm BC Technology Group Ltd, said that, while mandatory licensing in Hong Kong is one of the most effective things regulators can do, they cannot forever satisfy the needs of retail investors who are investing in crypto assets. 

Criteria for listing 

According to people familiar with the matter, the upcoming regime for listing tokens on retail exchanges is likely to include criteria such as the token's market value, liquidity, and membership in third-party crypto indexes to determine eligibility for listing. Their approach resembles the one they used when it came to structured products such as warrants, they continued. 

Hong Kong's Securities and Futures Commission spokesperson did not respond to a request for comment regarding the details of the revised stance adopted by the agency. 

Several crypto-related Hong Kong companies that are listed on the stock exchange increased their share prices on Friday. In the same report, BC Technology climbed 4.8% to its highest in three weeks during the third quarter, whilst Huobi Technology Holdings Ltd. rose slightly. 

In a world where more and more regulators are grappling with how to manage the volatile area of digital assets. This area has gone through a $2 trillion rout, following a peak in early November 2021. The sector is finding it difficult to regain its previous strength. Firms that dealt in cryptocurrency were crushed by the crash because their leverage grew without limit and their risk management methods were exposed.

It is widely believed that Singapore has tightened up its digital-asset rules to curb retail trading in digital assets to deal with the implosion that has hit Hong Kong. 

There was a proposal earlier this week by Singapore to ban the purchase of leveraged retail tokens on the retail market. There was a ban on cryptos in China a year ago because it was largely illegal. 

Michel Lee, executive president of digital-asset specialist HashKey Group, said that Hong Kong is trying to frame a crypto regime that extends beyond the retail token trading market to incorporate all types of digital assets, including cryptocurrencies. 

Bringing the ecosystem to the next level 

Among other things, Lee believes that tokenized versions of stocks and bonds could become a much more significant segment in the future as time passes on. Lee said, "Just trading digital assets on its own is not the goal". According to Lee, digital assets are not intended to be traded on their own but the ecosystem must grow as quickly as possible.”

A big exchange such as Binance and FTX once had their base in Hong Kong. Their attraction was the reputation of a laissez-faire regime and their strong ties to China. A voluntary licensing regime, that was introduced by the city in 2018, limited crypto platforms' access to clients with portfolios exceeding HK$8 million ($1 million) to those with portfolios of less than that amount. 

It has been confirmed that only two firms have been approved to operate under the license, BC Group and HashKey. FTX successfully managed to turn away the more lucrative consumer-facing business to the Bahamas last year as a result of the signal of a tough approach. 

However, the plan to attract crypto entrepreneurs back to Hong Kong seems to be a bit short of what is needed to usher them back. Among other things, it remains to be seen if mainland Chinese investors would be able to trade in tokens through Hong Kong if that were to be permitted. 

Leonhard Weese, the co-founder of the Bitcoin Association of Hong Kong, expressed a fear that there might be a very strict licensing regime in the future. "The conversations I have had indicate that people still fear it will be very stressful," he said. The company claims that it is not competitive on the same level as overseas platforms. Therefore, it will not be as attractive to customers as it would be if it dealt directly with retail users. 

According to blockchain specialist Chainalysis Inc., the volume of digital-token transactions in Hong Kong through June declined less than 10% from a year earlier, the most modest increase in the region outside of a slump in China, in the 12 months through June. It has fallen two positions from its global ranking of 39 in 2021 to 46 in 2022 when it comes to crypto adoption throughout the city. 

The Securities and Futures Commission of Hong Kong's Fintech Department has also suggested that the city could take further steps in this area, including the establishment of a regime to authorize exchange-traded funds seeking exposure to mainstream virtual assets. 

It shows that the one country, two systems principle is being put into action in financial markets, Wong said at an event last week. He said that the fact that the city can introduce a cryptocurrency framework distinct from China's indicates how far it has come.
Read more »
Technology
Blockchain Crypto Fintech Ola Finance Technology

Ola Finance: Attackers Stole $4.7M in 'Re-Entrancy' Exploit

 

According to a post-mortem report released by the developers, the decentralised lending platform Ola Finance was exploited for approximately $4.67 million in a "re-entrancy" assault on Thursday. 

Ola runs a decentralised finance (DeFi) platform that spans multiple blockchains, and the hack on Thursday targeted the Fuse network. For financial services such as lending and borrowing, DeFi refers to the use of smart contracts rather than third parties. 216,964.18 USDC, 507,216.68 BUSD, 200,000.00 fUSD, 550.45 wrapped ether, 26.25 wrapped bitcoin, and 1,240,000.00 FUSE were obtained using Ola's services on the Fuse network. 

At current pricing, all of that is worth more than $4.67 million. The attack took use of a re-entrancy flaw in the ERC677 token standard. Reentrancy is a frequent issue that allows attackers to deceive a smart contract into stealing assets by repeatedly calling a protocol. An authorization for a smart contract address to communicate with a user's wallet address is known as a call. 

The attacker used a 515 WETH flash loan from the WETH-WBTC pair on Voltage Finance to execute the initial heist transaction. The attacker avoided a flash loan in subsequent transactions by using funds that had already been stolen, according to the post-mortem study. Voltage is a decentralised trading protocol for the Fuse network that enables for automated trading of DeFi coins. 

Attackers were able to fool Voltage's smart contracts by transferring wrapped assets — which they generated using flash loans, a type of short-term uncollateralized borrowing, asking the smart contract send payments from Voltage to the hacker's addresses The attack, according to Ola Finance, could not be replicated on any of the lending networks it supports. The developers stated, “We will investigate each token’s 'transfer' logic to make sure no problematic token standards are in use.” 

 Meanwhile, Voltage stated it was in contact with third parties to track down the attacker and devise a method to compensate those who had been harmed.
Read more »
Scam
Cyber Attacks Data Safety Fintech Fraud Payment Scam

Payment Fraud Attack Rate Across Fintech Increased by 70% in 2021

 

The index based on a global network of over 34,000 sites and apps and a poll of over 1,000 consumers, reveals that payment fraud attacks across fintech increased by 70% in 2021, the greatest increase of any category in the network. 

Payment fraud has increased in tandem with a whopping 121 percent year-over-year increase in fintech transaction volumes on Sift's network, making this industry a tempting target for cybercriminals. These escalating attacks, as per this data, were mostly focused on alternative payments such as digital wallets, which witnessed a 200 percent increase in payment fraud, as well as payments service providers (+169 percent) and cryptocurrency exchanges (+140 percent). 

These approaches were targeted towards buy now/pay later (BNPL) providers, which showed a 54 percent increase in fraud attack rates year over year. Sift's Trust and Safety Architects discovered a rising number of fraud schemes on Telegram in late 2021, providing unlimited access to BNPL accounts via fake credit card numbers and compromised email addresses, demonstrating the wide range of methods fraudsters use to target the whole fintech sector.

Along with a 23 percent increase in blocked payment fraud assaults in 2021, Sift noticed a network-wide rise in daily transaction volumes across all industries. Similarly, 49 percent of poll respondents indicated they've been a victim of payment abuse in the last one to three years, with 41 percent of those who have been victims in the last year alone. Financial service websites were regarded as the sites that pose the most risk by 33% of the victims, which could have a detrimental impact on the customer’s trust. 

Jane Lee, Trust and Safety Architect at Sift. stated, “Many brands fail to realize that the damage of payment fraud goes beyond the initial financial impact. The vast majority of consumers report abandoning brands after they experience fraud on a business’s website or app, diminishing customer lifetime value and driving up acquisition costs. Further, potential customers who see unauthorized charges from a particular company on their bank statements will forever associate that brand with fraud. In order to combat these attacks and grow revenue, businesses should look to adopt a Digital Trust & Safety strategy—one that focuses on preventing fraud while streamlining the experience for their customers.”
Read more »
Subscribe to: Comments (Atom)