Equilend hit by ransomware attack

LockBit claims responsibility

Global fintech firm admits being compromised by a ransomware attack but has not disclosed extent of damage

Global fintech firm Equilend has been hit by a ransomware attack that has disrupted the organisation and shut down part of its operations.

The criminal hacking gang LockBit has said - again - it was behind the ransomware attack.

A spokesperson for EquiLend stated: "On 22 January 2024, we identified a technical issue affecting parts of our systems. We launched an investigation and found a cybersecurity incident involving unauthorised access. Immediate measures were taken to secure our systems and we are diligently working to restore the affected services."

To address the security breach, EquiLend says it has enlisted the assistance of third-party cybersecurity experts. The company is collaborating with external firms and professional advisers to conduct the investigation and expedite the restoration process. Clients have been informed that the resolution may take several days.

As of now, Equilend has not disclosed whether any company or customer data was exposed or stolen during the incident.

LockBit functions as ransomware-as-a-service (RaaS). Willing parties put a deposit down for the use of custom for-hire attacks, and profit under an affiliate framework. Ransom payments are divided between the LockBit developer team and the attacking affiliates, who receive up to ¾ of the ransom funds. It's a highly successful business model. Only a couple of days ago LockBit added Subway to its victim list which was already lenghty and compromised of names such as Boeing, Royal Mail and the MOD.

Pending acquisition

The attack at Equilend follows its recent announcement of acquisition by US private equity firm Welsh, Carson, Anderson & Stowe (WCAS), set to close in Q2 2024, pending regulatory approval. WCAS has committed an additional $200 million investment to support Equilend's organic growth initiatives and acquisitions.

The FBI has issued a warning regarding ransomware attacks targeting companies involved in time-sensitive financial events, such as mergers and acquisitions. The agency notes that impending events affecting a victim's stock value make it easier for ransomware actors to extort their targets.

Founded in 2001 by a consortium of ten global banks and broker-dealers, EquiLend has grown to more than 330 employees across North America, EMEA and Asia-Pacific. Its services are utilised by over 190 firms worldwide, including agency lending banks, hedge funds and broker-dealers. Equilend's Next Generation Trading (NGT) platform facilitates more than $2.4 trillion in transactions each month within the securities finance marketplace.