Statement from Tom Kilroy, Chief Operating Officer

Updated 8.15pm GMT
March 26, 2020

Our teams have made tremendous progress on the path to bringing our systems back to normal and we will continue to work 24/7 until the process is complete. We’re working closely with our customers and we are committed to ensuring that service is restored in a controlled, safe and smooth manner.

We will provide further information as soon as it is available. Thank you for your ongoing support.

 

Updated 6.30pm GMT
March 24, 2020

We want to update our customers and partners that our restoration and investigation work continues. Our dedicated teams are doing everything they can to bring systems back to normal, and we’re working hard to support our customers and ensure the fastest, safest and smoothest return to full operations.  

The decision to voluntarily take our servers offline on March 20, 2020 was not taken lightly. We understood what was at stake and took that step to contain the threat, secure our network and most importantly, protect our customers and their data. We are appreciative of the support we have received for these actions.

Our customers remain our top priority. More here from our Chief Executive Officer, Simon Paris.

 

Updated 2.15pm GMT
March 23, 2020

Our teams continue to work to restore full IT operations.

As mentioned previously, our solutions each have their own nuanced processes to move from being available to operationally live, and we are working closely with impacted customers to move through these essential steps securely.

We are grateful for the support we have received as we restore our systems. We will continue to provide further information as soon as it is available.

 

Updated 9.45pm GMT
March 22, 2020

Following Friday’s incident, Finastra’s teams have been working tirelessly to bring our systems back online. We’ve made significant progress and are now able to bring back online the servers which we voluntarily took offline whilst we neutralized the threat. We are working with our impacted customers systematically and securely to return to normal operations.
 
Because our solutions each have their own nuanced processes to move from being available to operationally live, each of our products  will be back once readiness steps are completed.
 
We would like to reassure our stakeholders that, to the best of our knowledge, we do not believe that any customer or employee data was accessed or exfiltrated, nor do we believe our clients’ networks were impacted.
 
Thank you for your patience and understanding as we restore our systems. We will provide further information as soon as it is available.

 

Updated 1pm GMT
March 22nd, 2020

Our customers remain our number one priority and we are working round the clock to bring back online the servers that we took offline in order to neutralize the threat. We also want to reiterate that at this time, we do not have any evidence that any customer or employee data was accessed or exfiltrated, nor do we believe our clients' networks were impacted. Our primary concern remains the safety our customers’ data and systems, and our network. We will bring the affected servers back online in a controlled manner when we are completely confident it is safe to do so.

We are making significant headway and we will provide an update as soon as more information is available later today.

 

Updated 7pm GMT
March 21st, 2020
 
During the period immediately prior to March 20th, 2020, the Finastra IT security and risk teams actively detected, through our own monitoring, that a bad-actor was attempting to introduce malware into our network in what appears to have been a common ransomware attack. Unfortunately, this type of malware and criminal activity is increasingly common in today’s environment and is targeted at companies across many sectors, not only those involved in technology.
 
Immediately we detected this attack, we began work to neutralize it. We brought in an independent, leading cyber security firm, with whom we have an existing relationship, to assist us in investigating, containing and eliminating the threat. At around 7am GMT / 3am EST on Friday March 20th, 2020, we made the decision that it was necessary to voluntarily take our servers offline. We took this step to contain the threat, secure our network and protect our clients’ data.
 
At this time, we do not have any evidence that any customer or employee data was accessed or exfiltrated, nor do we believe our clients’ networks were impacted. No customers running software in their own environments are affected. We are confident that by moving rapidly and taking these proactive measures we successfully contained the threat, secured our network and protected our clients’ data.
 
We are now working to resolve the issue as quickly and diligently as possible and our cross functional teams are working relentlessly on the planned sequence of events to bring systems back online. We will only move through each of the stages in that sequence when we are sure it can take place in a controlled and secure manner.  
 
We have an industry-standard security program in place, and we are conducting a rigorous review of our systems to ensure that our customer and employee data continues to be safe and secure.
 
We have also informed and are cooperating with the relevant authorities and we are in touch directly with any customers who may be impacted as a result of disrupted service.
 
Finastra takes security very seriously, and we have committed to updating our stakeholders regularly about our progress towards the resumption of normal services and providing more information as our investigation into, and remediation of, this matter continues.