Finastra a Fintech company has been hit by a Ransomware. Finastra told that they have taken down all the infected servers offline immediately after realising about the ransomware. Finastra said that they strongly believe that the result was due to a ransomware attack and they also stated that there is no evidence that any data was accessed unauthorisedly.
Finastra is the world’s third-largest fintech that provides financial software and adjacent services to the world’s banking sector. Fintech came from the combination of Financial and technology, it refers to a type of company or services that uses technology to provide financial services to businesses.
It is assumed that Finastra was earlier running an unpatched Pulse Secure VPN that was affected with CVE-2019-11510 and was also vulnerable to an outdated Citrix server earlier this year that has allowed hackers to access files to the host.
Upon learning of the situation, we engaged an independent, leading forensic firm to investigate the scope of the incident. Out of an abundance of caution and to safeguard our systems, we immediately acted to voluntarily take a number of our servers offline while we continue to investigate
the company said
The attackers have taken advantage of these severe vulnerabilities and were exploited by attackers in mass in the past few months by hackers.
Notifications have been sent to the customers and employees that were directly impacted by the server shutdown and the company stated that they will make servers up by Monday morning.
The company has declined about sharing the details about the attack during the time of ongoing forensics investigation.