FinAi News

No products in the cart.

Subscribe
  • News
  • AI News Tool
  • Data
  • Transactions
  • Events
    • FinAi Banking Summit
    • FinAi Lending Summit
  • Podcast
  • WEBINARS
    • Webinar Library
Log In
No Result
View All Result
  • Banking
  • Lending
  • Payments
  • Risk & Security
  • Strategy
FinAi News
  • News
  • AI News Tool
  • Data
  • Transactions
  • Events
    • FinAi Banking Summit
    • FinAi Lending Summit
  • Podcast
  • WEBINARS
    • Webinar Library
BAN PLUS
Log In
No Result
View All Result
FinAi News
No Result
View All Result

The Finastra breach: 3 security takeaways

Finastra serves over 8K FIs including Lloyds Bank, First Citizens Bank and Vystar Credit Union

Whitney McDonaldbyWhitney McDonald
November 22, 2024
in Risk & Security
Reading Time: 3 mins read
0
Share on Facebook

Identity-based attacks are on the rise as evidenced by London-based tech provider Finastra’s cybersecurity incident reported this week.  

Finastra this month identified suspicious activity in its internally hosted Secure File Transfer Platform, used to send files to its customers, according to a Finastra statement provided to Bank Automation News on Nov. 21. 

“We are continuing to investigate root cause, but initial evidence points to credentials that were compromised,” according to the statement. “This incident was limited to one platform and there was not lateral movement beyond it.” 

While it was not disclosed which Finastra clients were affected by the breach, Finastra works with more than 8,000 financial institutions including Lloyds Bank, First Citizens Bank and Vystar Credit Union, according to the company. 

Safety first

Stolen credentials are being used more frequently by criminals, Aaron Walton, threat intelligence analyst at security solutions provider Expel, told BAN. At Expel, 70% of attacks seen in its security operations center are identity based. 

“The majority of malicious emails and the highest volume of malware we see is geared toward stealing credentials,” Walton said, noting that organizations can protect their credentials by: 

Courtesy/Canva
  • Utilizing multifactor authentication; 
  • Testing infrastructure for security weaknesses; and 
  • Implementing quick remediation plans. 

“When an attacker has credentials it gives them easy access to an organization’s sensitive data, and often just requires an enterprising attacker to leverage those credentials to cause a lot of harm,” Walton said.  

Security opportunity

While the Finastra investigation is ongoing and the source of the compromise has not been identified, this an opportunity for Finastra to share its findings to boost industrywide security efforts, Yoni Shohet, CEO at software-as-a-service security company Valence Security, told BAN.  

Security teams eventually want to disclose, step-by-step, everything they’ve learned “because it makes the industry better,” he said.   

“If we properly understand and analyze the root causes of breaches that happen to similar organizations, then each organization that is in a similar profile can also improve their own security practices.” 

Register here for early-bird pricing for Bank Automation Summit U.S. 2025, taking place March 3-4 in Nashville, Tenn. View the full event agenda here.  

Tags: data breachFinastraPremiumrisk
Previous Post

Inside look: Ally developing multicloud hybrid strategy

Next Post

Open banking: Decoding Section 1033

Related Posts

Flagright logo
Risk & Security

VCs invest in AI anti-crime compliance systems

June 30, 2026
(AI-generated)
Risk & Security

BOE’s Breeden warns AI agents risk causing market meltdowns

June 30, 2026
Cybersecurity locks among multiple data points
Risk & Security

CISA creates cybersecurity prioritization, patch protocol

June 29, 2026
Next Post
Courtesy/Canva

Open banking: Decoding Section 1033

EMERGING FINTECH DIRECTORY

Emerging Fintech Directory

The Buzz Podcast

SPONSORED

How AI and Product Experts Turn Fuzzy Requirements Into Focused Dev-ready Roadmaps

April 19, 2026

Is Your Technology Supplier There for You?

April 1, 2026

Hiding in Plain Sight: How to Use Data to Spot Consumer Accounts Being Used by Small Businesses

November 10, 2025

  • About Us
  • Help Center
  • Contact Us
  • Privacy Terms
  • ADA Compliance
  • Advertise

 [wt_cli_manage_consent]

Connect

twitter linkedin podcast podcast podcast
© 2026 Royal Media
No Result
View All Result
  • NEWS
    • All News
    • Banking
    • Lending
    • Payments
    • Risk & Security
    • Strategy
  • AI News Tool [Beta]
  • DATA
  • TRANSACTIONS
  • EVENTS
    • FinAi Banking Summit
    • FinAi Lending Summit
  • PODCAST
  • WEBINARS
    • Webinar Library
  • SUBSCRIBE
  • Log In / Account

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Unlock This Article

Create your free FinAi News account to access this article and stay informed on how AI is transforming financial services including banking, lending, payments, and risk.

Yes, I'd like to receive FinAi News updates, breaking news, and exclusive AI insights for financial services leaders.

Continue Reading with FinAi News Premium - Less than $2/Day

Upgrade to FinAi News Premium for unlimited access to news, insights, trends, and intelligence on how AI is transforming financial services including banking, lending, payments, and risk.
Upgrade to FinAi News Premium Subscription
No Result
View All Result
  • NEWS
    • All News
    • Banking
    • Lending
    • Payments
    • Risk & Security
    • Strategy
  • AI News Tool [Beta]
  • DATA
  • TRANSACTIONS
  • EVENTS
    • FinAi Banking Summit
    • FinAi Lending Summit
  • PODCAST
  • WEBINARS
    • Webinar Library
  • SUBSCRIBE
  • Log In / Account