The breach, which occurred in early 2022, was only recently brought to light by the Financial Times, relying on information from anonymous sources familiar with the incident. Revolut has yet to publicly disclose the breach.
According to the report, the attack exploited an undisclosed vulnerability in Revolut’s payment systems.
The flaw, which remained undetected until late 2021, revolved around inconsistencies between the company’s U.S. and European systems.
Consequently, when certain transactions were declined, the systems erroneously refunded the amounts using Revolut’s own money.
Unfortunately, organized criminal groups capitalized on this flaw, orchestrating a scheme that enticed individuals to make high-value purchases they knew would be declined.
The refunded amounts were then swiftly withdrawn from ATMs, further exacerbating the breach. It is important to note that specific technical details related to the vulnerability remain undisclosed.
The cyber attack resulted in the theft of approximately $23 million from Revolut.
However, diligent efforts to track down those responsible led to the recovery of some of the stolen funds. In the end, Revolut incurred a substantial net loss of approximately $20 million due to this mass fraud scheme.
Read More ( Here )
© CopyRights RawNews1st
