Pierluigi Paganini
July 02, 2024
Fintech companies Wise and Affirm have confirmed that they were both affected by the recent data breach at Evolve Bank.
At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including “Americans’ banking secrets.”
Despite the announcement, data leaked data from the group belongs to the Arkansas-based financial organization Evolve Bank & Trust.
The analysis of the data leaked by the LockBit group on its Tor leak site on June 26 confirmed the documents belong to the Evolve Bank & Trust.
Evolve Bank & Trust published a notice on its website to confirm the security breach and announced it has launched an investigation into the incident. The financial organization confirmed that certain personal information may have been compromised. The financial organization refused to pay the ransom and the gang leaked the stolen data.
“Evolve Bank & Trust is making retail bank customers and financial technology partners’ customers (end users) aware of a cybersecurity incident that may involve certain personal information, as well as the actions we have taken in response, and additional steps individuals may take.” reads the notice of Cybersecurity Incident. “Evolve is currently investigating a cybersecurity incident involving a known cybercriminal organization that appears to have illegally obtained and released on the dark web the data and personal information of some Evolve retail bank customers and financial technology partners’ customers (end users). We take this matter extremely seriously and are working diligently to address the situation.”
Evolve has reported the incident to law enforcement, it also added that the incident has been completely contained.
An update published on June 26, 2024 12:00pm confirmed that the company’s retail banking customers’ debit cards, online, and digital banking credentials do not appear to be impacted.
Evolve will directly contact impacted customers and financial technology partners.
The fintech firm Wise announced that the Evolve data breach impacted some of its customers. Despote Wise is no longer collaborating with Evolve, the bank was still storing some Wise data.
Wise was sharing data with Evolve Bank & Trust to receive USD account details from the bank, including name, address, date of birth, contact details, SSN or EIN for US customers, or another identity document number for non-US customers. Evolve has not yet reveal which Wise data has been compromised by the security incident.
Wise pointed out that the data breach has not impacted their systems.
“For Evolve Bank & Trust to provide USD account details to Wise customers, they were required to hold identifying information. The information that we shared with Evolve Bank & Trust to provide USD account details included name, address, date of birth, contact details, SSN or EIN for US customers, or another identity document number for non-US customers. Evolve has not yet confirmed to us what data has been impacted.” reads the statement published by Wise. “
The fintech firm will contact customers whose data may have been compromised.
Affirm, a fintech firm with a buy now, pay later service for online and in-store shopping, also confirmed that Evolve Bank data breach impacted some of its customers.
“On June 25, 2024, Evolve Bank & Trust (“Evolve”), the third-party issuer of the Affirm Card, notified the Company that Evolve had experienced a cybersecurity incident whereby a third party gained unauthorized access to personal information and financial information (“Personal Information”) of Evolve retail banking customers and the customers of its financial technology partners.” reads the FORM 8-K filed by with SEC. “Because the Company shares the Personal Information of Affirm Card users with Evolve to facilitate the issuance and servicing of Affirm Cards, the Company believes that the Personal Information of Affirm Card users was compromised as part of Evolve’s cybersecurity incident.”
The company added that its information systems were not compromised.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
