1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Former FinWise employee may have stolen sensitive data on 689,000

    From TechnologyDaily@1337:1/100 to All on Tue Sep 16 19:15:09 2025
    Former FinWise employee may have stolen sensitive data on 689,000 American First Finance customers

    Date:
    Tue, 16 Sep 2025 18:11:00 +0000

    Description:
    A popular bank faces an insider threat when a former employee accessed data
    on hundreds of thousands of users.

    FULL STORY ======================================================================A
    former FinWise employee accessed sensitive data on 689,000 people more than a year after leaving the company Victims likely include those with FinWise
    loans or accounts serviced by American First Finance, its technology partner FinWise hired security experts, notified authorities, and offered credit monitoring

    FinWise Bank, a Utah-based community bank, recently suffered an insider data breach when a former employee accessed sensitive customer data after their employment had ended.

    In a new report filed with the Office of the Maine Attorney General, FinWise said that the breach happened on May 31, 2024, but was discovered more than a year later, on June 18, 2025. In total, sensitive data on 689,000 people was compromised.

    While the filing does not detail the nature of the stolen files, a data
    breach notification letter, sent to affected individuals, mentions full names and other data elements. Tricking GPT with a "mock-up" request

    The company did not explain exactly how the ex-employee accessed the files.

    FinWise did say that the data could be related to American First Finance (AFF), a financial services company that provides alternative consumer financing, especially for people with limited, or poor credit history.

    FinWise contracts with AFF to offer installment loans to consumers, the bank explained. In this arrangement, FinWise is the lender and AFF is the technology provider. FinWise originates the loan and provides funds to the consumer. AFF is contracted to provide the application platform, facilitate the loan origination for FinWise, as well as service the loan on behalf of FinWise.

    The bank hints that those who have had, or applied for, a FinWise installment loan, a lease-to-own account, or a retail installment sales agreement
    account, are the likely victims of this incident.

    After finding out about the attack, the bank did what all companies do when faced with a similar thing: brought in third-party security experts to assess the damage and analyze the attack, notified law-enforcement and other
    relevant authorities, reached out to affected individuals, and offered one year of free credit monitoring and identity theft protection. The name of the vendor was not disclosed.

    Via BleepingComputer You might also like Insider breaches are a bigger security threat than ever before - here's how your business can stay safe
    Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/former-finwise-employee-may-have-stolen -sensitive-data-on-689-000-american-first-finance-customers


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)