- Broker business ‘Freedom Finance’ has suffered a severe hacker attack that resulted in a data leak.
- The information that was stolen is already offered for purchase on various darknet forums.
- CEO said no client passwords were compromised, even though the seller claims otherwise.
Timur Turlov, CEO of the ‘Freedom Finance’ investment platform, has admitted on social media that sensitive details about 16,000 clients were leaked. Although the data dates back to 2018, its contents make the incident a serious one. The company claims to have learned of the breach only recently, after receiving a tip that data belonging to it had appeared on dark web forums.
The seller of the data pack claims to be in possession of 12 GB of data, including the valid credentials of 16,000 clients, their full names, passport details, phone numbers, extracts, signatures, bank account details, and bank account balances. Employee login credentials are also included in the pack, but the employees have already reset their passwords.
Turlov stated the following regarding the incident:
“Colleagues and partners, we had an extremely unpleasant and shameful incident in information security happen yesterday. Cyber extortionists attacked a segment of our internal network and stole some data from local machines of some employees in Russia. These machines are related to employees of the Russian broker providing access to the Russian stock market and almost the entire package is dated 2018.”
As for why ‘Freedom Finance’ was targeted, Turlov suggests that it was done by extortionists who are threatening to release the stolen information to the public. Some of the details that have been compromised concern individuals who would prefer to keep their trading activities secret for a multitude of reasons.
The ‘Freedom Finance’ boss clarified that the hackers didn’t access the CRM, the back office reports, or the trading data on the site, and also stated that client passwords were not touched. He also assured his followers that the networks and all local machines have now been fully cleaned, and that the IT teams have confirmed the data is no longer leaking out.
Finally, the entry point was revealed too: a successful phishing attempt against one of the company's employees. The suspicious email was actually flagged by the security system that was in place, and the employee was warned about the risk but still fell for the hacker’s trap. This proves once again that people are the weakest link in the security chain, and when they’re involved, they can ruin everything even if the security systems work as expected.