Revolut falls victim to “highly targeted” cyber-attack

UK-based super-app Revolut has fallen victim to a “highly targeted” cyber-attack that may have affected tens of thousands of customers.

In an e-mail to affected customers, the fintech says that while their money is safe and no card details, PINs or passwords were accessed, some individuals may be vulnerable to fraud and phishing attacks.

A Revolut spokesperson says: “Revolut recently experienced a highly targeted cyber-attack. This resulted in an unauthorised third party obtaining access to the details of a small percentage (0.16%) of our customers for a short period of time.

“We immediately identified and isolated the attack to effectively limit its impact and have contacted those customers affected. Customers who have not received an email have not been impacted.

“To be clear, no funds have been accessed or stolen. Our customers’ money is safe – as it has always been. All customers can continue to use their cards and accounts as normal.”

The company has set up a dedicated team to monitor affected accounts, which, according to the Lithuanian data protection authority (where Revolut holds its banking licence), may be as many as 50,150 customers around the world.

The financial app recently launched Revolut Pay, an online checkout feature that allows UK and European merchants to present it as a payment method.

In July, Revolut made a number of senior hires in both the US and India.

Last summer, Revolut raised $800 million in a Series E funding round led by SoftBank’s Vision Fund 2 and Tiger Global which took its total valuation to $33 billion, making it one of the most valuable European fintechs ever.