FinWise Bank Reports Insider Data Breach

Summary
– FinWise Bank notified customers of a data breach caused by a former employee who accessed personal information after their employment ended.
– The incident occurred on May 31, 2024, but was not discovered until June 18, 2025, affecting 689,000 customers of FinWise and its partner American First Finance.
– Compromised data included customers’ full names, though other personal information categories were redacted in the notification.
– FinWise offered affected customers 12 months of free credit monitoring and identity theft protection services and advised them to monitor their accounts.
– An expert stated that 90% of organizations lack resources to detect insider threats and recommended better access controls and employee education.
FinWise Bank has alerted its customers to a significant data security incident involving unauthorized access by a former employee. The breach, which took place on May 31, 2024, remained undetected for more than a year until its discovery on June 18, 2025. This lapse highlights ongoing challenges in monitoring and responding to insider threats within financial institutions.
According to a notification filed with regulatory authorities, the former employee accessed sensitive data belonging to both FinWise and its partner, American First Finance (AFF). AFF collaborates with the bank to provide installment loan services to consumers. The breach potentially exposed the personal information of approximately 689,000 customers, though the bank confirmed that at minimum, individuals’ full names were compromised. Other categories of affected data were largely redacted in public disclosures.
Upon identifying the incident, FinWise promptly initiated an investigation with the support of external cybersecurity experts. The bank has since offered impacted customers complimentary credit monitoring and identity theft protection services for a period of twelve months. Affected individuals are also encouraged to place fraud alerts on their credit files and regularly review financial statements for signs of suspicious activity.
This event underscores a broader industry concern regarding insider threats. Kevin Kirkwood, CISO at Exabeam, noted that a startling 90% of organizations lack adequate resources to effectively identify and mitigate risks posed by insiders. He emphasized the importance of strict access controls and segmentation of sensitive data to limit exposure. In this instance, the individual responsible had already left the company but retained sufficient knowledge to execute the breach.
Kirkwood further recommended that organizations strengthen both technical defenses and employee education programs, particularly as threats continue to evolve in sophistication. Establishing clear protocols around data access and maintaining vigilance over user permissions remain critical steps in preventing similar incidents.
(Source: Info Security)