Ion Group, a Dublin-based software company that helps financial institutions automate their critical business processes, has been hit by a ransomware attack that forced several European and U.S. banks to revert to manual processes.
The cyberattack, which TechCrunch learned about on Tuesday, affected Ion’s Cleared Derivatives division, which provides software for automating the trading lifecycle and the derivatives clearing process. Unlike physical assets, derivatives are financial products that derive value from a relationship to another underlying asset. Common types of derivatives include currencies, stocks, bonds and commodities.
Ion said in a short statement that it “experienced a cybersecurity event” on Tuesday that affected some of its services. “The incident is contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing.”
Ion spokesperson Suezelle D’Costa declined to share further details, such as the nature of the incident or how the organization was compromised. However, a memo from Ion obtained by Bloomberg confirms the attack was the work of the Russian-linked LockBit ransomware gang, which last month hit U.K. postal giant Royal Mail, forcing the mail service to suspend international deliveries.
LockBit claimed responsibility for the attack and is threatening to leak data stolen from the company on February 4 unless a ransom demand is paid, according to the ransomware gang’s dark web site and seen by TechCrunch. It’s not yet known how much and what types of data were stolen. Ion spokesperson D’Costa declined to comment.
The impact of the incident also remains unclear, but Bloomberg reports that the attack affected at least 42 of Ion’s clients and forced several European and U.S. financial institutions to process some derivative trades manually. A person with knowledge of the incident told TechCrunch that many commercial banks worldwide are experiencing issues, such as the ability to get quotes, following the ransomware attack.
The Futures Industry Association, a U.S.-based industry advocacy group for the futures, options and cleared derivatives markets, said in a statement that the incident is “impacting the trading and clearing of exchange-traded derivatives by Ion customers across global markets.”
The FIA added that it is working with impacted members to assess the extent of the impact.
Meanwhile, the U.S. Treasury said it’s monitoring the situation and downplayed the risk to U.S. financial markets.
In a statement provided to TechCrunch, Treasury senior cybersecurity official Todd Conklin said the Treasury is aware of the ransomware attack but said that the incident is isolated to a small number of smaller and mid-size firms.
“The issue does not pose a systemic risk to the financial sector,” said Conklin. “We remain connected with key financial sector partners, and will advise of any changes to this assessment.”
Ion told clients on Thursday that its systems won’t be fully operational until February 6, according to email correspondence seen by Bloomberg.
https://techcrunch.com/
The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency. HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on […]
In 2019, Ring launched the Peephole Cam, a camera that fits over existing door peepholes to record goings-on outdoors, in apartment building hallways and so on. Priced at $199, the Peephole Cam failed to catch on, leading Ring to discontinue it in 2021. But now, Ring’s giving it another go — the Peephole Cam made […]
A bug in a new centralized system that Meta created for users to manage their logins for Facebook and Instagram could have allowed malicious hackers to switch off an account’s two-factor protections just by knowing their phone number. Gtm Mänôz, a security researcher from Nepal, realized that Meta did not set up a limit of attempts when […]
Leave a Reply