Revolut is a British-based banking app. The app has over 20 million users, and over 250 million transactions run through it monthly.
The breach was a social engineering attack. A social engineering attack is a scam method that uses psychological factors to manipulate the victim into disclosing personal information.
The breach occurred when the social engineering attack became successful. A Lithuanian paper called Valstybinė duomenų apsaugos inspekcija, or State Data Protection Inspectorate, said in a statement that the leaked information may have included emails, names, and addresses.
This breach occurred on September 11th, 2022.
The breach impacts approximately 50,000 individuals. The victims received emails from Revolut, which a Redditor posted on Revolut’s page. It read, “As you were part of a very small percentage of affected customers, we want to reassure you that your data is now safe, and we understand that you may have questions about this incident.”
The files affected reached an approximate count of 50,150. The notification email stated that the breach affected only 0.16% of Revolut customers. It also said, “We take these types of incidents very seriously, and while you don’t need to take any action, we’ve advised affected customers to be extra cautious as there may be an increased risk of impersonation or fraud.”