Company News + Investor + Partner + Small Business
May 10, 2017
Our commitment to information security
At Funding Circle, we take the privacy and information security of our customers and partners incredibly seriously.
Recently, a professional security researcher informed us of a vulnerability in one of our databases. The database contained U.S. customer information and third-party marketing data – no data from our UK or European businesses was involved. As soon as we learned of the issue, we immediately determined the cause and implemented a fix. We also launched a full forensic investigation of the incident.
Importantly, our log analysis highlights there was no access of this data by a third-party, except by the security researcher himself.
We take great pride in delivering a secure and safe experience for our customers. As part of this, we are conducting a full and independent analysis with PwC to verify the results of our investigation, and conduct a rigorous assessment of our current controls.
We are committed to providing the best level of protection for our customers and their data. Here are just some of the policies, practices and technologies that enable us to do this:
- Employing a dedicated and experienced security team that is responsible for setting and ensuring the company’s compliance with security policies and standards;
- Performing regular penetration tests against our environments;
- Complying with security regulatory requirements including PCI-DSS;
- Employing security technologies like firewalls and scanning to protect our systems and data from attackers and malicious software; and
- Ensuring access to systems and data is appropriately restricted only to those that need to have that access.
We continue to take the privacy and information security of our customers incredibly seriously. For more information about our site security, please visit https://www.fundingcircle.com/home/security.