Revolut falls victim to cyberattack 

By Will McCurdy on Wednesday 21 September 2022

Digital Banking

The challenger bank claims the attack impacted just a tiny proportion of its customers, but that they will need to be increasingly vigilant about fraud going forwards.

Revolut falls victim to cyberattack 
Image source: Vlad Yatsenko and Nikolay Storonsky/Revolut

Revolut has revealed it was a victim of a “highly targeted” cyber attack from an unauthorised third party, which gained access to the personal details of 0.16 per cent of its 20 million customers.

However, the challenger bank assured customers that the attack was “immediately detected and isolated” and that no funds were accessed or stolen, and no card details, PINs, or passwords were accessed.

The bank did tell customers that they may now be at increased risk of fraud and recommended that they be "especially vigilant" for any suspicious activity, including emails, phone calls, or messages.

In addition, Revolut clarified that the type of personal data compromised will vary between different customers.

Revolut customers won’t need to take any immediate action, but the bank said that it will contact them individually if necessary and that this communication will not come in the form of calls or text messages.

"Be extremely wary of any attempt to contact you," said a Revolut spokesperson. "We will never ask you for your details or passwords".

It’s easy to see why Revolut included the above warning about a potential scam.

Communications relating to cyberattacks and data breaches can be commonly used as bait for "phishing attacks", where cybercriminals impersonate legitimate institutions in an attempt to nab their details.

Some of Monzo’s customers fell victim to such an attack in February 2022, with an SMS campaign that attempted to get collect their account details after tricking them into clicking on a fake "Golden Link".

Weaknesses in the IT protocols of challenger banks are something that is gaining more attention from regulators.

In April 2022, the Financial Conduct Authority (FCA) highlighted weaknesses in six challenger banks' IT systems when came to preventing cybercrime and financial crime. 

The report found that though “there are limited differences in the inherent financial crime risks faced by challenger banks, compared with traditional retail banks” their rapid growth “must not come at the detriment of complying with customer due diligence (CDD) obligations”. 

Revolut is definitely an example of a company that is growing rapidly.

In July, the challenger bank revealed that it has now reached 20m retail customers globally and that it had recently surpassed 5,000 employees on the eve of its seventh birthday.

Sign up for our newsletters


Your daily 7am download of all things alternative finance and fintech.

Fintech and alternative finance headlines with an exclusive Editor's Note each week. Delivered Monday at midday.

AltFi's new weekly US newsletter breaking down the ins and outs of America's burgeoning fintech sector. Delivered Monday 9am EST/ 6am PST.