EquiLend hacked days after announcing being acquired by WCAS

The acquisition is set to close in Q2 2024, subject to regulatory approvals. In addition to the acquisition, WCAS has committed a further $200 million investment to support organic growth initiatives and acquisitions by EquiLend.

In a surprising turn of events, EquiLend, a global leader in securities finance technology, suffered a significant cybersecurity breach just days after announcing its impending acquisition by private equity firm Welsh, Carson, Anderson & Stowe (WCAS).

The breach, which occurred on January 22, 2024, led to unauthorized access to EquiLend’s systems and subsequently caused disruptions in its automated securities lending services.

EquiLend acquisition to close in Q2 2024

This incident came as a shock to the industry, especially in the wake of EquiLend’s recent acquisition announcement. The deal with WCAS, a prominent investor in technology and healthcare, represented a strategic move for EquiLend, aiming to bolster its position in the securities lending market by leveraging WCAS’s resources and expertise in the financial technology sector.

The acquisition, set to give WCAS a majority stake in EquiLend, was viewed as a significant step towards enhancing EquiLend’s service offerings and expanding its global reach.

The acquisition is set to close in Q2 2024, subject to regulatory approvals. In addition to the acquisition, WCAS has committed a further $200 million investment to support organic growth initiatives and acquisitions by EquiLend.

However, the cybersecurity attack has cast a shadow over this positive development. While the perpetrators of the attack remain unidentified, EquiLend has been proactive in addressing the issue. The firm immediately engaged external cybersecurity firms and professional advisers to secure its systems and is working diligently to restore affected services. The company anticipates that the recovery process may take several days, although a definitive timeline has not been established.

EquiLend’s clients now adopting manual processes for tracking trades and managing counterparties

The breach has forced EquiLend’s clients to adopt manual processes for tracking trades and managing counterparties, highlighting the critical role of EquiLend’s digital systems in the securities lending industry.

This incident echoes a recent cybersecurity breach at ION Trading UK, which affected several major banks and brokers, underlining the increasing cyber risks faced by financial institutions. EquiLend’s situation raises concerns about the security of digital platforms in the financial sector, particularly in light of the company’s upcoming transition under WCAS’s ownership.

The Futures Industry Association (FIA), a leading global trade organization for the futures, options, and centrally cleared derivatives markets, had already underscored the importance of cybersecurity in the industry. In 2023, the FIA formed a task force to enhance industry resilience and issued a report with recommendations for strengthening cyber resilience. These efforts were in response to a significant disruption caused by a ransomware attack on a third-party service provider, affecting trade processing on multiple exchanges worldwide.

EquiLend’s breach adds to the growing list of cybersecurity incidents in the financial sector, reinforcing the FIA’s emphasis on the need for robust cyber resilience measures.

Financefeeds.com