Fintech companies Wise and Affirm have revealed that the recent data breach suffered by Evolve Bank impacts some of their customers.
The notorious ransomware group LockBit recently threatened to leak data allegedly stolen from the US Federal Reserve. The cybercriminals did leak data on June 26, but it turned out that the files actually originated from an Arkansas-based financial organization, Evolve Bank & Trust.
The bank almost immediately confirmed that the hackers apparently gained access to customer and financial technology partner information.
Wise, a fintech firm whose services are widely used for international money transfers, revealed late last week that the Evolve data breach impacts some of its customers. Wise had worked with Evolve to provide USD account details between 2020 and 2023. While the companies no longer work together, it seems Evolve was still storing some data provided by Wise.
“For Evolve Bank & Trust to provide USD account details to Wise customers, they were required to hold identifying information. The information that we shared with Evolve Bank & Trust to provide USD account details included name, address, date of birth, contact details, SSN or EIN for US customers, or another identity document number for non-US customers,” Wise explained. “Evolve has not yet confirmed to us what data has been impacted.”
Wise highlighted that its systems are not impacted by the data breach. Customers whose data may have been compromised will be directly contacted by the company.
Buy-now-pay-later services provider Affirm has revealed in an SEC filing that some of its customers were also impacted.
“Because [Affirm] shares the personal information of Affirm Card users with Evolve to facilitate the issuance and servicing of Affirm Cards, [Affirm] believes that the personal information of Affirm Card users was compromised as part of Evolve’s cybersecurity incident,” Affirm said. “However, the company’s information systems were not compromised, nor was the ability for Affirm Card holders to continue using their Affirm Card.”
Evolve on Monday shared additional information on the security incident. The company has confirmed that the LockBit ransomware group was behind the attack, and its investigation revealed that the cybercriminals gained access to its systems after an employee clicked on a malicious link.
In addition to stealing data, the hackers deployed file-encrypting ransomware on Evolve systems, but the bank said it had backups in place and claimed that data loss and impact on its operations were limited.
“There is no evidence that the criminals accessed any customer funds, but it appears they did access and download customer information from our databases and a file share during periods in February and May,” Evolve said.
It added, “We refused to pay the ransom demanded by the threat actor. As a result, they leaked the data they downloaded. They also mistakenly attributed the source of the data to the Federal Reserve Bank.”
At this stage in the investigation, it appears that the cybercriminals obtained information such as names, Social Security numbers, bank account numbers, and contact information belonging to most of Evolve’s personal banking customers, as well as customers of its Open Banking partners. The company has also learned that personal information belonging to its employees was likely also compromised.
Related: Bank of America Customer Data Stolen in Data Breach
Related: iOS Trojan Collects Face and Other Data for Bank Account Hacking
