Revolut Fell For Social Engineering Attack, Data From 50K Users Exposed

It was Revolut’s turn. Another day, another information breach in the crypto world. About a week back, somebody inside the business’s head office succumbed to a fraud. According to Revolut, the social hackers just had access to the information “for a short period of time.” And the breach just impacted 0,16% of their customers. Not regrettable, ideal? Well, obviously the opponents got 50K individuals’s information and are currently attempting to rip-off them. Plus, they may’ve gotten control of Revolut’s site. 

But let’s begin at the start. The business’s banking license is signed up in Lithuania, so Revolut reported the occurrence to that nation’s State Data Protection Inspectorate. They are the ones that exposed that the attack was through social engineering. Revolut didn’t confess to that. The Lithuanian information defense company likewise provided a loaded summary of the case which contains the majority of the truths:

“According to the provided revised information, the data of 50,150 customers around the world (including 20,687 in the European Economic Area), such as names, addresses, e-mails, may have been affected during the incident. postal addresses, telephone numbers, part of the payment card data (according to the information provided by the company, the card numbers were masked), account data, etc.”

And, to cover all the bases, here’s the meaning of “social engineering” according to Investopedia:

“Social engineering is the act of exploiting human weaknesses to gain access to personal information and protected systems. Social engineering relies on manipulating individuals rather than hacking computer systems to penetrate a target’s account.”

What Does Revolut Admit To?

The business explained the occurrence as a “highly targeted cyber attack” in which an “unauthorized third party” got access to a little portion of users’ individual information. In a declaration shared with Bleeping Computer, Revolut continued: 

“We right away recognized and separated the attack to efficiently restrict its effect and have actually gotten in touch with those consumers impacted. Customers who have actually not gotten an e-mail have actually not been affected.

To be clear, no funds have actually been accessed or taken. Our consumers’ cash is safe – as it has actually constantly been. All consumers can continue to utilize their cards and accounts as typical.”

Not regrettable, ideal? Well, a minimum of one consumer who didn’t get an e-mail reports that he was gotten in touch with by the fraudsters. “I didn’t receive an email from you yet I receive a scam text message claiming it’s from Revolut. How did they get my number and know I had a Revolut account?,” JT tweeted a number of days back. He got a generic “Hi there! Could you please contact our support team via in-app chat regarding this?” as a reaction.

The business’s main declaration ends with guarantees:

“We take incidents such as these incredibly seriously, and we would like to sincerely apologize to any customers who have been affected by this incident, as the safety of our customers and their data is our top priority at Revolut.”

Is there more to the story, though?

ETH cost chart for 09/23/2022 on FTX | Source: ETH/USD on

Lewd Language

There may’ve been more shenanigans going on, according to Bleeping Computer. Apparently, Revolut users reported that the assistance chat was showing nasty language near the time of the social engineering occurrence. The publication clarifies:

“While it is not clear if this defacement is related to the breach disclosed by Revolut, it shows that hackers may have had access to a wider range of systems used by the company.”

Did the hackers get access to more than the confessed information? Or was this a different occurrence and the entire thing simply a coincidence? Can our company believe the reports? A number of images show absolutely nothing, and there are no dates on them. Why would the hackers ruin the site if they wanted cash? On the other hand, perhaps they did. And those messages may suggest that they got more gain access to than what Revolut confessed to.

Featured Image by Kris from Pixabay | Charts by TradingView

NY Times, a surprised girl looking at a phone

Michael Evans

Professional writer, editor, and producer with over a decade of experience. I'm an experienced editor who has written for a variety of publications, and I specialize in editing non-fiction articles, news, and business blogs.

Related Articles

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button