Monday, September 15, 2025
Latest:

Threatshub.org sponsored-Post

The Register

Former FinWise employee may have accessed nearly 700K customer records

TH Author

A US fintech biz is writing to nearly 700,000 customers because a former employee may have accessed or acquired their data after leaving the company.

FinWise Bank, which offers banking services and technology solutions to other financial services organizations, said some of the data involved belonged to American First Finance (AFF), a poor-credit lender through which FinWise offered installment loans.

According to a filing with Maine’s Attorney General’s Office, the incident took place on May 31, 2024, but was only detected on June 18 this year.

The Utah-based fintech firm redacted the list of data types involved in the incident from public view, and neither it nor AFF released public statements offering further details.

The letter to affected customers stated: “Upon learning of the incident, FinWise immediately launched an investigation in consultation with outside cybersecurity professionals who regularly investigate and analyze these types of situations to help determine whether any sensitive data had been accessed by the former FinWise employee after the end of their employment.

“On [June 18], our extensive forensic investigation and manual document review discovered that certain files containing your personal information may have been accessed or acquired as a result of this incident.”

As is the norm in such cases, all 689,000 affected individuals have been offered 12 months’ free credit monitoring and identity theft protection.

FinWise is the latest company to suffer at the hands of a malicious insider, with a host of other organizations suffering the same fate in recent months.

Coinbase is perhaps the most high-profile of these. It said in May that its support staff working overseas took a bribe and stole data belonging to nearly 70,000 of the company’s customers.

Rippling, a San Francisco-based HR SaaS business, was also the victim of a malicious insider after rival Deel offered cash to its now-former global payroll compliance manager in exchange for company secrets.

And the UK’s data protection watchdog said last week that more than half of cyberattacks in schools are caused by students.

Also under the insider breach umbrella are incidents involving the accidental transmission of data over misdirected emails, of which there have been plenty in recent years.

A contributor to one of the UK’s foremost think tanks, the Royal United Services Institute (RUSI), stated last week that the personnel security field is “widely lacking in strategic thinking” and “struggling to do its job effectively.”

Paul Martin, distinguished fellow at RUSI, said organizations need to improve their internal security culture to counter insider risks, specifically by improving trust within.

He also claimed that the data types which indicate insider malfeasance are spread across various departments, and therefore should be amalgamated by a dedicated working group for insider security.

The Register asked both FinWise and AFF for additional information. ®

READ MORE HERE