On February 12, 2025, Finastra filed a notice of data breach with the Attorney General of Massachusetts after discovering that an unauthorized third party accessed portions of the company’s IT network. In this notice, Finastra explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names and financial account information. Upon completing its investigation, Finastra began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from Finastra, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Finastra data breach. For more information, please see our recent piece on the topic here.
What Caused the Finastra Data Breach?
The Finastra data breach was only recently announced, and more information is expected in the near future. However, Finastra’s filing with the Attorney General of Massachusetts provides some important information on what led up to the breach. According to this source, on November 7, 2024, Finastra detected a cybersecurity threat after an incident that disrupted parts of the company’s computer network.
In response, Finastra notified law enforcement and then began working with third-party cybersecurity experts to investigate the incident. Through this investigation, Finastra learned that the unauthorized party had access to a Secure File Transfer Platform (SFTP) between October 31, 2024 and November 8, 2024. Evidently, Finastra used this SFTP to provide technical support to its customers. The investigation also confirmed that the unauthorized party obtained certain files from the compromised SFTP, some of which contained confidential consumer information.
After learning that sensitive consumer data was accessible to an unauthorized party, Finastra reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name and financial account information.
On February 12, 2025, Finastra sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About Finastra
Finastra is a global financial technology company specializing in banking, lending, payments, and treasury solutions for financial institutions. Headquartered in London, United Kingdom, the company provides cloud-based and on-site software solutions to banks, credit unions, and other financial organizations worldwide. With a focus on open banking and digital transformation, Finastra assists financial institutions in innovating and streamlining their operations. The organization employs approximately 11,000 people and generates an estimated $1.9 billion in annual revenue.