ION, the electronic
trading solutions provider recently hit by a ransomware attack, overnight
started readmitting its clients to its cleared derivatives platform, a source
told Reuters on Tuesday. The revelation comes
one week after ION admitted that the platform was targeted. The firm described the attack as “a cybersecurity event.”
The Dublin-based financial trading services group in a statement disclosed that the
attack started on January 31 but said it was restricted to a
“specific environment.” The firm, which also offers clearing, analytics, treasury and risk management solutions to capital markets, also noted that it had kicked off
corrective actions as well as disconnected all affected servers.
Meanwhile, an ION memo
obtained by Bloomberg reveals the source of the attack to be LockBit, a
Ransomware-as-a-Service operation linked to Russia. The hackers told Reuters last Friday that the ransom they demanded from ION had been paid. However, they did not
disclose the amount or provide any evidence.
Furthermore, ION declined to
comment on the ransom payment. This is even as LockBit had given the deadline of February 4 (last Saturday)
for the ransom payment and threatened to divulge the data it stole from ION.
Watch the recent FMLS22 on how startups are disrupting cybersecurity for fintech companies.
Moreover, in a statement issued
last Wednesday, the Futures Industry Association (FIA), a US trade association
comprising futures commission merchants, bemoaned the impact of the attack on
the global customers of ION. The association noted that the hack was affecting
the trading and clearing of exchange-traded derivatives on ION’s platforms.
“We are working with
impacted members, including clearing firms and exchanges, as well as market
regulators and others, to assess the extent of the impact on trading,
processing, and clearing,” FIA explained in the statement.
The trade association
added that it was “seeking clarity over concerns about affected regulatory
obligations and reporting.”
ION, the electronic
trading solutions provider recently hit by a ransomware attack, overnight
started readmitting its clients to its cleared derivatives platform, a source
told Reuters on Tuesday. The revelation comes
one week after ION admitted that the platform was targeted. The firm described the attack as “a cybersecurity event.”
The Dublin-based financial trading services group in a statement disclosed that the
attack started on January 31 but said it was restricted to a
“specific environment.” The firm, which also offers clearing, analytics, treasury and risk management solutions to capital markets, also noted that it had kicked off
corrective actions as well as disconnected all affected servers.
Meanwhile, an ION memo
obtained by Bloomberg reveals the source of the attack to be LockBit, a
Ransomware-as-a-Service operation linked to Russia. The hackers told Reuters last Friday that the ransom they demanded from ION had been paid. However, they did not
disclose the amount or provide any evidence.
Furthermore, ION declined to
comment on the ransom payment. This is even as LockBit had given the deadline of February 4 (last Saturday)
for the ransom payment and threatened to divulge the data it stole from ION.
Watch the recent FMLS22 on how startups are disrupting cybersecurity for fintech companies.
Moreover, in a statement issued
last Wednesday, the Futures Industry Association (FIA), a US trade association
comprising futures commission merchants, bemoaned the impact of the attack on
the global customers of ION. The association noted that the hack was affecting
the trading and clearing of exchange-traded derivatives on ION’s platforms.
“We are working with
impacted members, including clearing firms and exchanges, as well as market
regulators and others, to assess the extent of the impact on trading,
processing, and clearing,” FIA explained in the statement.
The trade association
added that it was “seeking clarity over concerns about affected regulatory
obligations and reporting.”