Financial technology company EquiLend – the owner of a NGT, a platform that executes $2.4 trillion of securities transactions each month – has confirmed “unauthorized access to our systems” on January 22.
The incident has disrupted some of its services, it confirmed.
“We took immediate steps to secure our systems and are working methodically to restore the involved services as quickly as possible,” an EquiLend spokesperson told reporters on January 24.
“We are working with external cybersecurity firms and other professional advisers to assist with our investigation and restoration of service. Clients have been advised that this may take several days” it added.
The company had not confirmed which systems were down after being contacted by The Stack and it was not immediately clear if NGT itself was affected. We will update our article with more details as we get them.
(Affected? Get in touch by email, Signal, or Telegram.)
EquiLend is owned by 10 of the biggest Wall Street firms, including Goldman Sachs Group Inc and BlackRock Inc. It provides a central platform and services for securities trading – spanning electronic trading, order management, post-trade automation, data and analytics and regulatory technology solutions. It serves over 200 asset owners, agency lending banks, broker-dealers and hedge funds, according to its site. Approximately $113.5 billion is transacted on NGT daily. It includes a web-based interface that lets traders transact over the platform, or a set of messaging protocols to connect straight into the NGT engine.
The EquiLend cyber incident comes days after it confirmed that private equity firm Welsh, Carson, Anderson & Stowe (WCAS) has agreed to acquire a majority stake in the firm in an acquisition to close in Q2 2024.
Cybersecurity breaches commonly take place around the time of major acquisitions for a number of reasons, including that staff are often distracted and/or if attackers have had sustained system access, they tend to detonate payloads before new owners embark on fresh systems audits and spot them on corporate infrastructure. It was not immediately clear if a ransomware payload had been detonated, as The Stack published.
EquiLend cybersecurity incident latest to hit markets
The EquiLend cybersecurity incident is the latest to hit financial markets – as attackers inch closer to causing serious financial market disruption.
In January 2023 the LockBit ransomware group hit software firm ION Trading UK in a breach that forced numerous European and US banks and brokers to process derivatives trades manually, whilst a November 8 ransomware attack on the US arm of the world’s largest bank, China’s Industrial & Commercial Bank of China impacted the trade of Treasuries.
(That incident is believed to have occurred after it failed to patch a critical Citrix vulnerability, CVE-2023-4966 that was widely exploited globally.)
Goldman Sachs, JPMorgan, Morgan Stanley and UBS meanwhile agreed to pay $499 million in 2023 to settle a lawsuit that had accused them of conspiring to stifle competition in the stock lending market using EquiLend.
EquiLend “agreed to specific reforms to prevent the sort of collusion and market abuse that occurred in this case, lawyers for the plaintiffs said, as reported by the FT on August 2023. EquiLend “vigorously denied” any wrongdoing at the time but said it was pleased to settle the case.
See also: 1 Citrix bug alone triggered 13 “nationally significant” UK cybersecurity incidents
Click Here For The Original Source.
————————————————————————————-