Skip to content

ION slowly regains customers following Randomware attack

  • by
  • 2 min read

Financial software firm Ion is reportedly bringing clients back online on its now-cleared derivatives platform. Ion was attacked by the Russian-linked ransomware group Lockbit which claimed responsibility for the attack on its victim site. According to Lockbit, a ransom was paid but the group didn’t disclose the amount or show evidence of any financial transaction between itself and Ion. 

According to Reutersthe hackers who claimed responsibility for the breach told the publication via online chat on February 4 that a ransom had been paid. The Lockbit representative only stated that the money had come from a “very rich unknown philanthropist” and that there was “no way” the group would offer further details. 

Ion’s Cleared Derivatives division was attacked on January 31 forcing US and European banks and brokers to process some derivative trades manually. While Ion still hasn’t provided details on what customers were affected by the breach, the attack affected as many as 42 Ion customers, including ABN Amro Clearing and Intesa Sanpaolo, Italy’s biggest bank.

That said, a market participant with knowledge of the situation said that thousands of firms may have been affected. The US Commodity Futures Trading Commission also had to delay the publication of weekly trading statistics as affected Ion customers weren’t able to collect information fast enough to prepare daily positioning reports. 

Britain’s Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA) and the FBI were all actively investigating the situation. The Futures Industry Association (FIA) had also jumped in and is working with its member organisations to assess the impact on trading, processing and clearing.

At the time of writing, the FIA reports that the situation has since improved and several exchanges and clearing houses had offered clearing and reporting deadline extensions to affected Ion clients. An FIA spokesperson told Reuters that they were not aware of any serious impact on markets. The need for clearing extensions is also going away as firms start reporting business as usual. 

In the News: Android 14 is expected to ship in Q3 2023; developer preview out

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>