Exploited loophole causes major $20m security breach for Revolut


In 2022, Revolut faced a significant security breach, leading to a loss of $20m due to a fault in its payment processing system, as reported by the FT.

This major breach was a result of discrepancies between Revolut’s US and European systems, which led to a problematic system error where funds were erroneously refunded using Revolut’s own resources when certain transactions were declined.

The issue was ruthlessly capitalised on by organised criminal gangs who engineered scenarios where expensive purchases would be declined, leading to illegitimate refunds. These refunded sums were then siphoned off via ATM withdrawals.

The flaw was first spotted in late 2021 by one of Revolut’s partner banks in the US and subsequently rectified in Spring 2022. The loophole allowed a total of $23m to be withdrawn, with a portion of this money successfully recovered by tracking down those who had withdrawn cash. Revolut has not yet issued a public comment on the matter.

Keep up with all the latest FinTech news here

Copyright © 2023 FinTech Global

Enjoying the stories?

Subscribe to our daily FinTech newsletter and get the latest industry news & research


The following investor(s) were tagged in this article.