‘Freedom Finance’ Admits Catastrophic Data Leak

  • Broker business ‘Freedom Finance’ has suffered a severe hacker attack that resulted in a data leak.
  • The information that was stolen is already offered for purchase on various darknet forums.
  • CEO said no client passwords were compromised, even though the seller claims otherwise.

Timur Turlov, CEO of the ‘Freedom Finance’ investment platform, has admitted the leak of sensitive details about 16,000 clients on social media. Although the data dates back to 2018, the things that are included make the event pretty grave. The company claims to have realized the breach only recently after they received a tip about data belonging to them appearing on dark web forums.

The seller of the data pack claims to be in possession of 12 GB of data, including the valid credentials of 16,000 clients, their full names, passport details, phone numbers, extracts, signatures, bank account details, and bank account balances. Even employee login credentials are included in the pack, but they have already reset their passwords.

Turlov stated the following in regards to the unfortunate event:

Colleagues and partners, we had an extremely unpleasant and shameful incident in information security happen yesterday. Cyber extortionists attacked a segment of our internal network and stole some data from local machines of some employees in Russia. These machines are related to employees of the Russian broker providing access to the Russian stock market and almost the entire package is dated 2018.

As for why ‘Freedom Finance’ was targeted, Turlov suggests that it was done by extortionists who are threatening to release the stolen information to the public. Some of the details that have been compromised concern individuals who would prefer to keep their trading activities secret for a multitude of reasons.

The 'Freedom Finance' boss clarified that the hackers didn’t access the CRM, the back office reports, or the trading data on the site, and also stated that client passwords were not touched. The man also assured his followers that the networks and all local machines had been fully cleaned now, and the IT teams have confirmed that the data is not leaking out anymore.

Finally, the entrance point was revealed too, and it was a successful phishing attempt against one of the company's employees. The suspicious email was actually flagged by the security system that was in place, and the employee was warned about the risk but still fell for the hacker’s trap. This proves once again that people are the weakest link in the security chain, and when they’re involved, they can ruin everything even if the security systems work as expected.

REVIEW OVERVIEW

Latest

How to Watch American Dad Season 17 Online From Anywhere

The American Dad animated series keeps going strong despite the rumors and the haters, and its fanbase is excited to watch the...

How to Watch Snowpiercer Season 3 Online From Anywhere

The Snowpiercer Season 3 is knocking on our door, so if you missed the post-apocalyptic speed train setting and the struggle the...

Jujutsu Kaisen Chapter 173 Release Date, Time and Where To Read

Jujutsu Kaisen's latest chapter saw the end of Fushiguro's fight with Reggie. Since the last few chapters were extensively about the ongoing...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari