EquiLend Confirms Data Breach: Employees’ Information Stolen by Ransomware Gang

New York-based securities lending platform EquiLend Holdings has recently confirmed a data breach, notifying its employees that their data was stolen in a ransomware attack that occurred in January.

The breach came to light when EquiLend was forced to take some of its systems offline on January 22 to contain the attack. While the company initially remained tight-lipped about the nature of the incident, LockBit ransomware claimed responsibility for it in a statement to Bloomberg.

EquiLend later confirmed on February 2, via a dedicated information-sharing page, that the breach resulted from a ransomware attack.

Following the attack, the company took swift action to restore client-facing services. While there is no evidence that client transaction data was accessed or exfiltrated, EquiLend has confirmed that the attackers managed to steal personally identifiable information (PII) belonging to its employees.

In breach notification letters sent out to affected employees, EquiLend revealed that the stolen information includes names, dates of birth, and Social Security numbers. Despite this, the company stated that there is no indication that the stolen data has been used for identity theft or fraud.

EquiLend is providing affected employees with two years of free identity theft protection services through Identity Theft Guard Solutions (IDX) to mitigate the impact of the breach.

Established in 2001, EquiLend has grown to become a prominent player in the securities lending industry, with a client base that includes major global banks and broker-dealers. Its services are utilized by over 190 firms worldwide, and its Next Generation Trading (NGT) platform facilitates transactions worth more than $2.4 trillion monthly.

While EquiLend has restored its client-facing services, the incident underscores the persistent threat posed by ransomware attacks. It highlights the importance of robust cybersecurity measures in safeguarding sensitive data.