According to the breach disclosure to the State Data Protection Inspectorate in Lithuania, where Revolut has a banking license, at least 50,150 customers have been impacted, reports BleepingComputer.
The company’s website says that it has approximately 20 million customers.
A Revolut spokesperson was quoted as saying that an unauthorised party had access “for a short period of time” to details of only 0.16 per cent of its customers.
“We immediately identified and isolated the attack to effectively limit its impact and have contacted those customers affected. Customers who have not received an email have not been impacted,” Revolut said.
The fintech platform last year raised $800 million, valuing it at more than $33 billion.
An affected customer posted a Revolut email reply on the discussion forum Reddit, confirming the hack.
“We recently received a highly targeted cyber attack from an unauthorised third party that may have gained access to some of your information for a short period of time. You do not need to take any action, however we wanted to let you know, and sincerely apologise for this incident,” read the reply.
“We immediately detected and isolated the cyberattack. As you were part of a very small percentage of affected customers, we want to reassure you that your data is now safe, and we understand that you may have questions about this incident,” said the company.
It said that although the money is safe, “you may be at increased risk of fraud”.
“We recommend that you be especially vigilant for any suspicious activity, including suspicious emails, phone calls or messages. This was an isolated incident and the security of our customers’ accounts remains our top priority,” said Revolut.