It was Revolut’s turn. Another day, another data breach in the crypto world. About a week ago, someone inside the company’s headquarters fell for a scam. According to Revolut, the social hackers only had access to the data “for a short period of time.” And the breach only affected 0,16% of their clients. Not too bad, right? Well, apparently the attackers got 50K people’s data and are already trying to scam them. Plus, they might’ve gotten control of Revolut’s website.
But let’s start at the beginning. The company’s banking license is registered in Lithuania, so Revolut reported the incident to that country’s State Data Protection Inspectorate. They are the ones that revealed that the attack was through social engineering. Revolut didn’t admit to that. The Lithuanian data protection agency also offered a jam-packed summary of the case that contains most of the facts:
“According to the provided revised information, the data of 50,150 customers around the world (including 20,687 in the European Economic Area), such as names, addresses, e-mails, may have been affected during the incident. postal addresses, telephone numbers, part of the payment card data (according to the information provided by the company, the card numbers were masked), account data, etc.”
And, to cover all the bases, here’s the definition of “social engineering” according to Investopedia:
“Social engineering is the act of exploiting human weaknesses to gain access to personal information and protected systems. Social engineering relies on manipulating individuals rather than hacking computer systems to penetrate a target’s account.”
What Does Revolut Admit To?
The company described the incident as a “highly targeted cyber attack” in which an “unauthorized third party” got access to a small percentage of users’ personal data. In a statement shared with Bleeping Computer, Revolut continued:
“We immediately identified and isolated the attack to effectively limit its impact and have contacted those customers affected. Customers who have not received an email have not been impacted.
To be clear, no funds have been accessed or stolen. Our customers’ money is safe – as it has always been. All customers can continue to use their cards and accounts as normal.”
Not too bad, right? Well, at least one customer who didn’t receive an email reports that he was contacted by the scammers. “I didn’t receive an email from you yet I receive a scam text message claiming it’s from Revolut. How did they get my number and know I had a Revolut account?,” JT tweeted a couple of days ago. He got a generic “Hi there! Could you please contact our support team via in-app chat regarding this?” as a response.
The company’s official statement ends with promises:
“We take incidents such as these incredibly seriously, and we would like to sincerely apologize to any customers who have been affected by this incident, as the safety of our customers and their data is our top priority at Revolut.”
Is there more to the story, though?
ETH price chart for 09/23/2022 on FTX | Source: ETH/USD on TradingView.com
There might’ve been more shenanigans going on, according to Bleeping Computer. Apparently, Revolut users reported that the support chat was displaying foul language near the time of the social engineering incident. The publication clarifies:
“While it is not clear if this defacement is related to the breach disclosed by Revolut, it shows that hackers may have had access to a wider range of systems used by the company.”
Did the hackers get access to more than the admitted data Or was this a separate incident and the whole thing just a coincidence? Can we believe the reports? A couple of images prove nothing, and there are no dates on them. Why would the hackers deface the website if they were after money? On the other hand, maybe they did. And those messages might mean that they got more access than what Revolut admitted to.
In Singapore, LBank, a major cryptocurrency exchange, participated in Token 2049 as a sponsor and exhibitor. At the Token 2049 venue, LBank was welcomed with open arms and went on to host a prosperous after-party. Singapore, one of the burgeoning major crypto hubs, welcomed a diverse crowd of enthusiasts and provided LBank with a beautiful […]
Back at the beginning of the year, some notable celebrities had been named in a lawsuit over the alleged Ethereum Max (EMAX) scam. These celebrities included reality star Kim Kardashian, boxing legend Floyd Mayweather, as well as former professional athletes Paul Pierce and Antonio Brown. The class action lawsuit had accused the celebrities of pumping […]
Ever since losing around 80% of its value from its all-time high, Bitcoin has been questioned as a store of value and a digital equal to gold. The digital currency still records the best performance for any asset across the last decade, but critics are fast to point out past year’s losses. Related Reading: Crypto […]
Bitcoin (BTC) accumulation is seeing a massive surge as it rises to levels last seen in 2015.
Analysts now view NFTs as Solana’s strong suit amid a wave of adverse reports surrounding the network.
The trading volume of the non-fungible token (NFT) market of the Ethereum ecosystem dipped dramatically during the just-ended third quarter of 2022, pointing to lingering market pain. According to a report by blockchain and crypto analytics platform Messari, Ethereum NFT transactions fell 17% over the quarter to an average of 181,000 transactions per day. This […]