Finastra's Servers Shut Down After a Ransomware Attack

Finastra, one of the world’s leading core banking providers was targeted by a ransomware attack last week.

The software provider, which boasts a revenue of $1.9 billion annually, detected the breach on Friday.

“Finastra’s IT security and risk teams actively detected, through our own monitoring, that a bad-actor was attempting to introduce malware into our network in what appears to have been a common ransomware attack,” chief operating officer, Tom Kilroy, said in a statement.

“We made the decision that it was necessary to voluntarily take our servers offline. We took this step to contain the threat, secure our network and protect our clients’ data.

“To the best of our knowledge, we do not believe that any customer or employee data was accessed or exfiltrated.”

“Following Friday’s incident, Finastra’s teams have been working tirelessly to bring our systems back online,” the company said.

The London-based firm, which has offices in 42 countries, has not revealed the exact cause of the ransomware attack, simply referring to a “bad-actor” without specifying any further details.

The company is understood to have closed various offices in Canada and London following the attack, and has employed an independent forensic firm to investigate the nature of the breach.

“Because our solutions each have their own nuanced processes to move from being available to operationally live, each of our products will be back once readiness steps are completed,” the firm said, suggesting various Finastra services will have to be switched back on one at a time which could variably impact its banking clients.