Finastra Security Breach - Finastra "Shutting Down Key Systems"

Finastra Security Breach – Finastra “Shutting Down Key Systems”

Finastra Reportedly Responds to Security Breach By Shutting Down Key Systems

Kehoe Law Firm, P.C. is making consumers aware that on March 20, 2020, Krebsonsecurity.com reported (“Security Breach Disrupts Fintech Firm Finastra“) that “Finastra, a company that provides a range of technology solutions to banks worldwide, said . . . it was shutting down key systems in response to a security breach discovered this morning. The company’s public statement and notice to customers does not mention the cause of the outage, but their response so far is straight out of the playbook for dealing with ransomware attacks.”

According to Krebsonsecurity.com, “. . . sources at two different U.S. financial institutions forwarded a notice they received from Finastra saying the outage was expected to disrupt certain services, particularly for clients in North America.”  Additionally, Krebsonsecurity.com reported that, in a revised statement, Finastra stated that it “strongly believe[s] that the incident was the result of a ransomware attack and [does] not have any evidence that customer or employee data was accessed or exfiltrated, nor do[es] [Finastra] believe [its] clients’ networks were impacted . . ..”

Finastra’s Statement From Its COO

According to Finastra’s statement from its COO, Tom Kilroy,

[d]uring the period immediately prior to March 20th, 2020, the Finastra IT security and risk teams actively detected, through [Finastra’s] own monitoring, that a bad-actor was attempting to introduce malware into our network in what appears to have been a common ransomware attack. Unfortunately, this type of malware and criminal activity is increasingly common in today’s environment and is targeted at companies across many sectors, not only those involved in technology.

. . .

At this time, [Finastra does] not have any evidence that any customer or employee data was accessed or exfiltrated, nor do[es] [Finastra] believe [its] clients’ networks were impacted. No customers running software in their own environments are affected. [Finastra is] confident that by moving rapidly and taking these proactive measures [Finastra] successfully contained the threat, secured [its] network and protected [its] clients’ data.

Kehoe Law Firm, P.C.