SoFi Hong Kong has warned that it has suffered an information breach after hackers accessed a third-party vendor’s database containing buyer info.
The corporate is a US-based monetary know-how firm that gives banking, investments, loans, and different private monetary companies. The corporate additionally operates SoFi Hong Kong, which supplies funding and securities companies to prospects within the area.
In an electronic mail despatched to prospects and shared with BleepingComputer, SoFi mentioned it found the incident on April 30, 2026, after detecting unauthorized entry to SoFi Securities (Hong Kong) Restricted’s database by means of certainly one of its distributors.
After discovering the incident, they labored with a third-party cybersecurity agency to reply.
The corporate mentioned its investigation is ongoing, however it isn’t but clear what information was leaked.
“We don’t but have full details about the scope and influence of the incident, or whether or not your private information was concerned (and if that’s the case, in what classes),” the e-mail despatched to SoFi prospects mentioned.
“We’re actively investigating the state of affairs and are taking further precautions to maintain your accounts protected.”
Supply: BleepingComputer
In a press release shared with BleepingComputer, a SoFi spokesperson acknowledged the breach however declined to reply extra questions in regards to the incident, together with the variety of prospects affected, whether or not the corporate was extorted, and the identities of the third-party distributors concerned.
SoFi didn’t say what info might have been compromised, however the firm warned prospects to stay vigilant for phishing makes an attempt, suspicious communications, and strange account exercise.
The corporate additionally suggested prospects to replace their passwords, allow two-factor authentication the place attainable, monitor their monetary accounts for suspicious exercise, and keep away from opening hyperlinks or attachments in unsolicited emails or messages.
SoFi mentioned it’s including extra safeguards and monitoring to affected accounts and should request extra verification info from prospects who contact assist or make adjustments to their accounts.
The corporate has offered a Hong Kong assist line (+852 26938888) and electronic mail deal with (good day@sofi.hk) for patrons looking for extra info.
Safety groups doc 54% of profitable assaults and challenge a warning on solely 14%. The remainder strikes invisibly by means of the surroundings.
Picus’ whitepaper exhibits how you can check your SIEM and EDR guidelines in breach and assault simulations to make sure threats go undetected.
Get the white paper
