EquiLend Holdings, a key player in the securities lending market, has successfully brought back online several systems that were targeted in a recent ransomware attack. The New York-based company had to take its NGT platform offline after cybercriminals breached its infrastructure. The NGT platform is responsible for handling transactions worth $2.4 trillion every month and is utilized by over 190 firms globally. These firms include asset owners, agency lending banks, broker-dealers, and hedge funds.
EquiLend reported that its NGT platform has been restored and is now live and processing trading activity. In addition to this, the company has also restored post-trade systems that support settlement monitoring, dividend comparisons, billing, and technology for regulatory compliance monitoring. Although the company’s data and analytics services are currently receiving and processing client data, users are still unable to directly access them.
This successful restoration comes after the attack, which started on January 22, and forced many of EquiLend’s systems offline. The company first issued an outage notification on January 24, attributing the systems’ offline status to a “technical issue.” However, on January 25, EquiLend updated its breach notification to confirm that the company had fallen victim to ransomware-wielding attackers. As a result, the NGT platform, post-trade systems, data and analytics services, and RegTech offerings were all taken offline until they could be fully restored. Fortunately, the company’s Spire and ECS Loan Market offerings remained unaffected by the attack and remained fully operational.
The successful restoration of EquiLend’s systems is a crucial development for the heavily regulated securities lending market. The company plays a critical role in facilitating short selling, derivatives trading, and fails-driven borrowing, allowing investors to borrow securities for various financial activities.
The company’s swift response to contain the incident and enhance its monitoring capabilities included implementing SentinelOne, extended detection and response technology. However, some EquiLend customers had to resort to processing their securities lending manually due to the outages. Market watchers also expressed concerns about firms being at risk of not knowing their exposure or meeting regulatory reporting deadlines as a result of the disruptions.
EquiLend was founded in 2001 by a consortium of leading financial services firms with the goal of creating a standardized and centralized platform for global trading and post-trade services. The recent attack occurred just days after private equity firm Welsh, Carson, Anderson & Stowe announced an agreement to acquire a majority stake in the company. The terms of the deal have not been disclosed and are subject to regulatory approvals.
This incident is the latest in a series of cyberattacks targeting major financial services firms. Last year, the U.S. Treasuries market experienced disruptions after the New York financial services subsidiary of the Industrial and Commercial Bank of China was hit by ransomware-wielding attackers. The attacks have underscored the importance of robust cybersecurity measures to protect critical financial infrastructure. EquiLend has promised to share further details about the attack once its ongoing digital forensic investigation is completed. For now, the company continues to focus on fully restoring its operations and ensuring the security of its systems.
Croatian 
English 
Albanian 
Serbian 