Revolut has suffered a cyberattack that gave an unauthorized third party access to personal information of tens of thousands of clients. The incident occurred a week ago, on Sunday night, and has been described as “highly targeted.”
Founded in 2015, Revolut is a financial technology company that has seen a rapid growth, now offering banking, money management, and investment services to customers all over the world.
In a statement for BleepingComputer, a company spokesperson said that an unauthorized party had access “for a short period of time” to details of only a 0.16% of its customers.
According to the breach disclosure to the State Data Protection Inspectorate in Lithuania, where Revolut has a banking license, 50,150 customers have been impacted.
Based on the information from Revolut, the agency said that the number of affected customers in the European Economic Area is 20,687, and just 379 Lithuanian citizens are potentially impacted by this incident.
Details on how the threat actor gained access to the database have not been disclosed but it appears that the attacker relied on social engineering.
