## TL;DR
- A former employee of FinWise Bank improperly accessed sensitive data after leaving the company, exposing the personal information of 689,000 American First Finance (AFF) customers.
- The breach, discovered on May 31, 2024, involved customer data linked to loans, lease-to-own accounts, and retail installment agreements.
- FinWise Bank is offering 12 months of free credit monitoring and identity theft protection to affected individuals.
Insider Breach at FinWise Bank: What Happened?
On May 31, 2024, FinWise Bank, a Utah-based FDIC-insured community bank, disclosed a data security incident involving a former employee. The breach exposed the personal information of 689,000 customers of American First Finance (AFF), a financial services company that partners with FinWise Bank to manage consumer loans, applications, and servicing.
### How Did the Breach Occur?
The investigation, supported by external cybersecurity professionals, revealed that the former employee retained access to AFF data after their employment ended. While the exact nature of the breach remains unclear—whether it was intentional or negligent—the incident highlights the risks of insider threats in financial institutions.
Key details of the breach include:
- The exposed data includes personal details of customers linked to:
- FinWise loans,
- AFF lease-to-own accounts,
- Retail installment sales agreements.
- FinWise Bank has not disclosed technical specifics about the breach, leaving questions about the extent of the unauthorized access.
The Role of FinWise Bank and American First Finance
FinWise Bank and AFF operate in a lender-technology provider partnership:
- FinWise Bank funds consumer loans.
- AFF manages loan applications, originations, and servicing.
According to the data breach notification published by the Maine Attorney General:
> "FinWise experienced a data security incident involving a former employee who accessed FinWise data after the end of their employment. Some of the data impacted includes American First Finance’s ('AFF’s') data."
Impact on Affected Customers
The breach has raised concerns about the security of personal and financial data. Customers impacted by the breach may face risks such as:
- Identity theft,
- Fraudulent transactions,
- Unauthorized access to financial accounts.
### FinWise Bank’s Response
To mitigate the risks, FinWise Bank is offering:
- 12 months of free credit monitoring,
- Identity theft protection services to all affected individuals.
Why This Breach Matters
This incident underscores the critical importance of robust insider threat detection and access management protocols in financial institutions. Key takeaways include:
- Former employees can pose significant risks if their access to sensitive systems is not revoked promptly.
- Partnerships between financial institutions and third-party providers require stringent security measures to protect customer data.
- Proactive measures, such as regular audits and access reviews, are essential to prevent similar incidents.
Conclusion
The FinWise Bank data breach serves as a stark reminder of the vulnerabilities posed by insider threats in the financial sector. While FinWise Bank has taken steps to support affected customers, the incident highlights the need for enhanced security protocols to prevent unauthorized access and protect sensitive data.
For ongoing updates on cybersecurity threats and best practices, follow @securityaffairs on Twitter, Security Affairs on Facebook, and Mastodon.
## Additional Resources
For further insights, check:
- Maine Attorney General’s Data Breach Notification
- Security Affairs: Insider Breach at FinWise Bank