Lithuania: Announced investigation into Revolut's for data breach

On 16 September 2022, the State Data Protection Inspectorate (SDPI) announced its investigation into Revolut’s data breach. The investigation was opened after the company notified the authority about a data breach that took place on 11 September 2022. The attack, carried out with social engineering methods, caused the breach of the data of 50’150 customers around the world, including 20’687 in the European Economic Area, whose names, addresses, and e-mails may have been affected. The SDPI noted that Revolut is internally investigating the cyber incident and personal data breach. Furthermore, the SDPI stated that it aims to assess whether the company violated the provisions of the General Data Protection Regulation by failing to implement preventive, detective and responsive security measures.