LendingCrowd reports data breach
LENDINGCROWD has warned investors of a data security breach on its platform.
The peer-to-peer business lender said it discovered a security incident resulting in unauthorised access to personal data.
The platform said the breach affected a ‘subset of investors’ who have all been contacted.
Read more: Zopa warns over imitation scam firms
“LendingCrowd investors’ accounts and the LendingCrowd platform have not been compromised,” the platform said in a blog post on its website.
“We self-reported this incident the same day to the Information Commissioner’s Office.
“We have also notified the Financial Conduct Authority and other relevant agencies.
“Investigations are ongoing, but in the meantime, we want to act both responsibly and with transparency.”
The platform also issued a reminder for investors to setup two-factor authentication (2FA), change passwords regularly and to report any suspicious activity.
Platforms have increasingly been moving to 2FA in recent months with Zopa and Assetz Capital recently introducing the function.
Data breaches from financial services firms reported to the Financial Conduct Authority rose 480 per cent in 2018, according to recent research from law firm RPC.
Security experts at IBM also found that the finance industry is most at risk from hacks and data leaks.
According to their 2019 XForce Threat Intelligence report, the most common type of hack uses misconfiguration, where malicious attackers exploit poorly-designed security procedures or weak passwords to gain access to customer accounts.
Also frequently reported are SQL injection attacks where hackers use website database vulnerabilities to bypass security measures.