Fintech giant Finastra is notifying clients that the company’s recent run-in with hackers has resulted in minimal data leaks, but it’s encouraging those affected to be vigilant.
Finastra is one of the world’s largest financial software companies, serving 8,000 clients in retail banking, transaction banking, lending, treasury capital, and other markets.
Headquartered in London, England, Finastra employs 7,000 people in offices across the globe, posting $1.9 billion in revenue as of its last earnings call.
Late last year, Finastra learned that a hacker was selling data allegedly stolen from its systems during a breach.
“We are working as quickly as possible to rule out affected customers,” the company said at the time. “This is a time-intensive process because we have many large customers that leverage different Finastra products in different parts of their business. We are prioritizing accuracy and transparency in our communications.”
The fintech giant clarified that “this was not a ransomware attack, no malware was deployed to the Finastra network, and there is no direct impact on Finastra’s customer operations or systems.”
While it was clear a breach had occurred, it wasn’t immediately clear what (and how much) data was caught up.
Now, Finastra is notifying affected parties of the results of its investigation, providing additional information on the data exposed for each individual or business client caught up in the breach.
“On November 7, 2024, Finastra identified a cybersecurity incident that impacted certain Finastra systems,” reads the letter Finastra started sending this month to affected parties.
“Once the incident was discovered, Finastra immediately launched an investigation, and leading cybersecurity firms were engaged to assist. We also notified law enforcement and continue to support their investigation,” according to the data breach notice, shared by the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR).
The investigation found that a hacker accessed a third-party Secure File Transfer Platform (SFTP) used by Finastra to provide technical and customer support to its customers. The attacker gained unauthorized access to the platform at various times between Oct. 31, 2024 and Nov. 8, 2024.
On Oct. 31, the hacker “obtained certain files from the SFTP.”
“Our investigation determined that the files contained some of your personal information,” the letter states, followed by the affected data for individual parties.
While the letter doesn’t say how many people or client companies are affected, the leak (so far) includes the names of at least 65 Massachusetts residents.
“Finastra has taken steps to confirm that the unauthorized third party no longer has access to the data and Finastra has no indication the unauthorized third party further copied, retained, or shared any of the data,” the notice adds.
“We have no reason to suspect your information has or will be misused. As a result, we believe the risk to individuals whose personal data was involved is low. Nonetheless, a robust review of the files involved was conducted to identify individuals whose personal information may be contained in the files,” Finastra notes.
The fintech company is working with law enforcement, including the FBI, to complete the investigation. It has also implemented “numerous measures” to bolster the security of its systems and data and is considering additional steps “to further enhance the security of our environment.”
The letter includes mitigation steps for affected parties, including free credit monitoring through Experian. For peace of mind, Bitdefender recommends that affected individuals also consider using an identity theft solution like Bitdefender Identity Theft Protection (US only).
It’s important to note that the hacker attempting to sell the data stolen from Finastra claimed the dump weighed in at 400 gigabytes, which would translate into a massive trove of data, containing far more than just the names and personal details of a handful of customers.
Furthermore, news reports on the incident mention that the seller deleted his post and exited the forum soon after advertising the dump, leading to speculation that Finastra may have negotiated with the hacker(s) to keep a lid on the incident.
As we note in our guide – “Small Office, Big Threats: 7 Ways to Cyber-Proof Your Business in 2025” – cybercriminals may target your business indirectly by infiltrating your vendors, partners, or software providers. A compromised vendor’s system can grant hackers access to your network.
With cyber threats evolving as rapidly as they do, a small office can no longer afford to ignore them.
Bitdefender strongly recommends deploying a security solution to limit the chances of a successful breach. Bitdefender Ultimate Small Business Security is an extended version of our consumer security suite providing malware detection, ransomware prevention, email protection, account breach protection, scam protection, and VPN. Thanks to a natural, intuitive dashboard designed for use even by non-techies, it can be administered by anyone in your organization.
Watch it in action at: https://www.bitdefender.com/en-us/consumer/small-business-security.
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.