ION Reboards Clients after Ransomware Attack: Report

Tuesday, 07/02/2023 | 14:13 GMT by Solomon Oladipupo
  • The ransomware attack started on January 31st, ION disclosed recently.
  • The hack was claimed by LockBit, a ransomware gang with ties to Russia.
JP Morgan

ION, the electronic trading solutions provider recently hit by a ransomware attack, overnight started readmitting its clients to its cleared derivatives platform, a source told Reuters on Tuesday. The revelation comes one week after ION admitted that the platform was targeted. The firm described the attack as "a cybersecurity event."

The Dublin-based financial trading services group in a statement disclosed that the attack started on January 31 but said it was restricted to a “specific environment.” The firm, which also offers clearing, analytics, treasury and risk management solutions to capital markets, also noted that it had kicked off corrective actions as well as disconnected all affected servers.

Ransomware Attack Affects ION Clients

Meanwhile, an ION memo obtained by Bloomberg reveals the source of the attack to be LockBit, a Ransomware-as-a-Service operation linked to Russia. The hackers told Reuters last Friday that the ransom they demanded from ION had been paid. However, they did not disclose the amount or provide any evidence.

Furthermore, ION declined to comment on the ransom payment. This is even as LockBit had given the deadline of February 4 (last Saturday) for the ransom payment and threatened to divulge the data it stole from ION.

Watch the recent FMLS22 on how startups are disrupting cybersecurity for fintech companies.

Moreover, in a statement issued last Wednesday, the Futures Industry Association (FIA), a US trade association comprising futures commission merchants, bemoaned the impact of the attack on the global customers of ION. The association noted that the hack was affecting the trading and clearing of exchange-traded derivatives on ION's platforms.

“We are working with impacted members, including clearing firms and exchanges, as well as market regulators and others, to assess the extent of the impact on trading, processing, and clearing,” FIA explained in the statement.

The trade association added that it was “seeking clarity over concerns about affected regulatory obligations and reporting.”

ION, the electronic trading solutions provider recently hit by a ransomware attack, overnight started readmitting its clients to its cleared derivatives platform, a source told Reuters on Tuesday. The revelation comes one week after ION admitted that the platform was targeted. The firm described the attack as "a cybersecurity event."

The Dublin-based financial trading services group in a statement disclosed that the attack started on January 31 but said it was restricted to a “specific environment.” The firm, which also offers clearing, analytics, treasury and risk management solutions to capital markets, also noted that it had kicked off corrective actions as well as disconnected all affected servers.

Ransomware Attack Affects ION Clients

Meanwhile, an ION memo obtained by Bloomberg reveals the source of the attack to be LockBit, a Ransomware-as-a-Service operation linked to Russia. The hackers told Reuters last Friday that the ransom they demanded from ION had been paid. However, they did not disclose the amount or provide any evidence.

Furthermore, ION declined to comment on the ransom payment. This is even as LockBit had given the deadline of February 4 (last Saturday) for the ransom payment and threatened to divulge the data it stole from ION.

Watch the recent FMLS22 on how startups are disrupting cybersecurity for fintech companies.

Moreover, in a statement issued last Wednesday, the Futures Industry Association (FIA), a US trade association comprising futures commission merchants, bemoaned the impact of the attack on the global customers of ION. The association noted that the hack was affecting the trading and clearing of exchange-traded derivatives on ION's platforms.

“We are working with impacted members, including clearing firms and exchanges, as well as market regulators and others, to assess the extent of the impact on trading, processing, and clearing,” FIA explained in the statement.

The trade association added that it was “seeking clarity over concerns about affected regulatory obligations and reporting.”

About the Author: Solomon Oladipupo
Solomon Oladipupo
  • 1050 Articles
  • 40 Followers
About the Author: Solomon Oladipupo
Solomon Oladipupo is a journalist and editor from Nigeria that covers the tech, FX, fintech and cryptocurrency industries. He is a former assistant editor at AgroNigeria Magazine where he covered the agribusiness industry. Solomon holds a first-class degree in Journalism & Mass Communication from the University of Lagos where he graduated top of his class.
  • 1050 Articles
  • 40 Followers

More from the Author

Institutional FX

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}