Broker Freedom Finance admitted the fact of hacking its internal network and stealing data leaks about 16,000 clients of the company for 2018. The founder and CEO of the company Timur Turlov announced this on Instagram.
He called the incident “an extremely unpleasant and shameful incident in information security”, which occurred on December 24, and admitted: “We screwed up.”
According to him, one employee of the company received a phishing email, which he opened and ran on the local machine despite the security warning. “And then all the weak points of our security were revealed,” said Turlov.
“Cyber ransomware attacked a segment of our internal network and stole some data from the local machines of a number of employees in Russia. These are machines belonging to the employees of a Russian broker that provides access to the Russian stock market and almost the entire data packet is dated 2018,” wrote Turlov on his Instagram.
Almost no customers who opened accounts in the United States were affected. The broker’s international clients were not affected either.
He assured that hackers did not get access to CRM, back-office reports, trading platform data, and also did not get customer passwords.
Turlov promised that the company will contact affected customers as soon as possible, tell them what documents have been made publicly available, and advise on how to minimize risks.
“Of course, now we have completely cleaned out the network and all local machines, have already rebuilt it, and are convinced that data is no longer leaking,” assured he.
Turlov believes that the system was hacked to blackmail the company with media publicity and extort money.
“The company has decided to admit its mistake and not cooperate with criminals,” said Turlov.
On November 24, Ashot Hovhannisyan, the founder of the Data Leakage & Breach Intelligence (DLBI) service, announced the appearance of Freedom Finance’s customer data.