Revolut system bug netted crooks over $20M – media

A payment flaw in Revolut’s US service allowed criminals to steal millions of dollars over several months, the Financial Times (FT) reported.

The loophole, which impacted the fintechs’ payment systems in the US, arose from the different payment systems between Europe and the US. According to the FT, when transactions were declined, Revolut would mistakenly refund accounts with the company’s money.

Organized crime groups have exploited the flaw since early 2022, with net losses exceeding $20 million. FT claims that this makes up two-thirds of Revolut’s 2021 net profit.

The scheme involved purchasing expensive goods, knowing that the payment would be declined and later reimbursed by the company. However, the exact details of the flaw are unclear as the incident hasn’t been publicly disclosed.

The company told Cybernews that they “will not be commenting” on the issue.

Last year, Revolut dealt with a highly targeted cyberattack that could have affected over 50,000 customers. The fintech, licensed and regulated by the Bank of Lithuania within the European Union, disclosed the breach to the Lithuanian State Data Protection Inspectorate.

A 2021 Revolut bug caused fears of a hack after user account pictures changed to depict random people instead of the account’s owners.

Revolut boasts over 30 million personal users and 500,000 business users worldwide, with operations supported in over 200 countries and regions. The company employs over 6,000 staff and had a revenue of $375 million in 2022.

More from Cybernews:

Book review: neurotech aims to read your mind – and more

Ukraine supporters targeted by malware ahead of NATO summit

Petro-Points member info breached in Suncor hack

Facebook, Messenger, and Instagram reported down for users worldwide

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked