Exploited loophole causes major $20m security breach for Revolut

Revolut

In 2022, Revolut faced a significant security breach, leading to a loss of $20m due to a fault in its payment processing system, as reported by the FT.

This major breach was a result of discrepancies between Revolut’s US and European systems, which led to a problematic system error where funds were erroneously refunded using Revolut’s own resources when certain transactions were declined.

The issue was ruthlessly capitalised on by organised criminal gangs who engineered scenarios where expensive purchases would be declined, leading to illegitimate refunds. These refunded sums were then siphoned off via ATM withdrawals.

The flaw was first spotted in late 2021 by one of Revolut’s partner banks in the US and subsequently rectified in Spring 2022. The loophole allowed a total of $23m to be withdrawn, with a portion of this money successfully recovered by tracking down those who had withdrawn cash. Revolut has not yet issued a public comment on the matter.

Keep up with all the latest FinTech news here

Copyright © 2023 FinTech Global

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.