SoFi confirms third-event data breach at Hong Kong subsidiary
Identity theft
SoFi Hong Kong is warning that it suffered a data breach after hackers won entry to a database at a third-event vendor containing customer facts.
The corporate is a U.S.-based mostly fully mostly financial expertise company that offers banking, investing, loans, and other non-public finance products and services. The corporate also operates SoFi Hong Kong, which offers investment and securities products and services to customers in the place.
In emails sent to customers and shared with BleepingComputer, SoFi acknowledged it found the incident on April 30, 2026, after detecting unauthorized entry to a database of SoFi Securities (Hong Kong) Runt thru no doubt one of its vendors.
After discovering the incident, they engaged with a third-event cybersecurity firm to answer.
The corporate says its investigation is ongoing and that it aloof does no longer know which explicit data can also were uncovered.
“We do not yet have complete information about the scope and impact of the incident, or whether (and, if so, which categories of) your personal data was involved,” reads the electronic mail sent to SoFi customers.
“We are actively reviewing the situation and taking extra precautions to keep your account secure.”
Email sent to SoFi Hong Kong customers Offer: BleepingComputer
In an announcement shared with BleepingComputer, a SoFi spokesperson confirmed the breach but declined to answer extra questions concerning the incident, collectively with what number of customers had been affected, whether or no longer the corporate turn out to be extorted, or the identification of the third-event vendor inspiring.
While SoFi has no longer disclosed what facts can also were uncovered, the corporate warned customers to stay vigilant for phishing attempts, suspicious communications, and uncommon legend teach.
The corporate also told customers to interchange passwords, enable two-ingredient authentication where that you just may want to presumably agree with of, discover financial accounts for suspicious teach, and steer clear of opening links or attachments in unsolicited emails or messages.
SoFi says it has added extra safeguards and monitoring to affected accounts and can also build a matter to extra verification facts from customers who contact toughen or fabricate legend changes.
The corporate equipped a Hong Kong toughen line (+852 26938888) and electronic mail address (good day@sofi.hk) for customers wanting for extra facts.
