Global Neobank Revolut Hacked; $20 Million Stolen

The breach, which occurred in early 2022, was reportedly the result of the exploitation of an undisclosed vulnerability in Revolut’s payment systems.

Revolut, a global neobank and financial technology company, fell victim to a devastating cyber attack earlier this year, resulting in the theft of over $20 million from the company’s funds.

The breach, which occurred in early 2022, was only recently brought to light by the Financial Times, relying on information from anonymous sources familiar with the incident. Revolut has yet to publicly disclose the breach.

According to the report, the attack exploited an undisclosed vulnerability in Revolut’s payment systems. The flaw, which remained undetected until late 2021, revolved around inconsistencies between the company’s U.S. and European systems. Consequently, when certain transactions were declined, the systems erroneously refunded the amounts using Revolut’s own money.

Unfortunately, organized criminal groups capitalized on this flaw, orchestrating a scheme that enticed individuals to make high-value purchases they knew would be declined. The refunded amounts were then swiftly withdrawn from ATMs, further exacerbating the breach. It is important to note that specific technical details related to the vulnerability remain undisclosed.

The cyber attack resulted in the theft of approximately $23 million from Revolut. However, diligent efforts to track down those responsible led to the recovery of some of the stolen funds. In the end, Revolut incurred a substantial net loss of approximately $20 million due to this mass fraud scheme.

Revolut, a popular digital banking platform known for its user-friendly interface and global presence, has been making significant strides in the fintech industry. The company boasts over 15 million customers worldwide, offering a range of financial services, including money transfers, cryptocurrency trading, and investment options. This cyber attack has dealt a significant blow to the reputation of the neobank and highlights the ongoing challenges faced by companies operating in the digital realm.

As news of the breach circulates, concerns about the security of digital banking systems have resurfaced, raising questions about the robustness of existing cybersecurity measures in the financial sector. Revolut’s failure to detect and address the vulnerability in a timely manner underscores the pressing need for enhanced security protocols and greater vigilance in protecting user funds.

Revolut has not yet issued an official statement regarding the cyber attack. However, industry experts and stakeholders eagerly await the company’s response, as it will undoubtedly play a crucial role in determining the future course of action for the neobank. As the investigation progresses, authorities will be working diligently to identify the culprits behind the breach and hold them accountable for their actions.

This incident serves as a stark reminder that the rapid digitization of financial services must be met with robust cybersecurity measures. Financial institutions and fintech companies must remain ever-vigilant in their efforts to safeguard user data and funds from increasingly sophisticated cyber threats.

RELATED ARTICLES

1. Qatar National Bank Hacked, 1.4GB Database Leaked
2. Gone: Russian Central Bank hacked; $31 million stolen
3. Brazilian Hackers Hit Portuguese Banks in Malware Attack
4. Hacker Leaks 73M Records from Indian HDFC Bank Subsidiary

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism