Finastra confirms cyber attack; latest victim in digital breach wave


November 21, 2024 by our News Team

Finastra, a leading financial software company, confirms cyber attack on its SFTP system potentially exposing sensitive information of clients and other entities, with security researcher Brian Krebs confirming data leak on dark web platforms.

  • Finastra has an impressive client list, including 50 of the world's largest banks.
  • The company employs over 12,000 people.
  • The SFTP system, which was the target of the attack, is not actively used by all clients.


Finastra, a leading financial software company with over 8,000 clients across 130 countries, has confirmed that it was the target of a cyber attack. This breach potentially exposed sensitive information belonging to the company’s clients and other entities. Finastra boasts an impressive client list, including 50 of the world’s largest banks, and employs over 12,000 people. In 2019, the company reported revenues of $1.7 billion.

The attack took place on November 7th when unauthorized individuals gained access to Finastra’s SFTP system using stolen credentials. The company uses this system for file transfers and internal operations. Finastra’s initial investigation suggests that the attack was limited to the SFTP system and did not extend to other systems. However, this system contains a wealth of potentially sensitive information.

security researcher Brian Krebs first confirmed the attack after a affected client reached out to him. Shortly after, data allegedly belonging to Finastra started appearing on various dark web platforms. The individual responsible for the leak claims to possess over 400 GB of information from the company’s systems.

As of now, Finastra has not commented on the published data leak but has acknowledged the incident and stated that the investigation is ongoing. The company has not provided specific details about the impact of the breach or the nature of the affected data.

Finastra emphasizes that the SFTP platform is not its primary method of data transfer and is not actively used by all clients. However, it acknowledges that the system may contain potentially sensitive information from both the company and its clients.

We can expect more information about the investigation to be released officially in the coming days. Stay tuned for updates on this developing story.

About Our Team

Our team comprises industry insiders with extensive experience in computers, semiconductors, games, and consumer electronics. With decades of collective experience, we’re committed to delivering timely, accurate, and engaging news content to our readers.


Leave a Reply