LendInvest shares were trading down heavily on Friday after admitting the client data had been accessed by people outside of the company.
UK financial services provider LendInvest recently experienced a data breach that exposed some customer and applicant personal data. The compromised data was limited to a specific test environment, not LendInvest’s core systems.
LendInvest was alerted to the breach on August 24, 2023. The company immediately launched an investigation and took steps to secure the exposed data. The scope of the breach, including the number of impacted individuals and duration of exposure, is still being determined.
According to LendInvest, there is currently no evidence that the exposed personal data has been misused. The company has engaged specialist services to support its ongoing investigation and incident response.
LendInvest states it is contacting the relevant UK regulatory bodies, including the Information Commissioner’s Office and Financial Conduct Authority, regarding the breach. The company also intends to notify all affected individuals appropriately once the investigation yields more details.
While contained, the breach nonetheless highlights the cybersecurity risks inherent for financial services firms like LendInvest that handle sensitive customer data. The company emphasizes its commitment to data security and privacy protections. LendInvest maintains that further details will be provided to affected customers and applicants when available.
LendInvest shares were down 6% at the time of writing.