Fintech companies Wise and Affirm have confirmed that they were both affected by the recent data breach at Evolve Bank<\/a>.<\/p>\n\n\n\n
At the end of June, the LockBit gang\u00a0announced<\/a>\u00a0that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including \u201cAmericans\u2019 banking secrets.\u201d
\u201cEvolve Bank & Trust is making retail bank customers and financial technology partners\u2019 customers (end users) aware of a cybersecurity incident that may involve certain personal information, as well as the actions we have taken in response, and additional steps individuals may take.\u201d reads the notice<\/strong><\/a> of Cybersecurity Incident. \u201cEvolve is currently investigating a cybersecurity incident involving a known cybercriminal organization that appears to have illegally obtained and released on the dark web the data and personal information of some Evolve retail bank customers and financial technology partners\u2019 customers (end users). We take this matter extremely seriously and are working diligently to address the situation.\u201d<\/em><\/p>\n\n\n\n
Wise pointed out that the data breach has not impacted their systems.<\/p>\n\n\n\n
“For Evolve Bank & Trust to provide USD account details to Wise customers, they were required to hold identifying information. The information that we shared with Evolve Bank & Trust to provide USD account details included name, address, date of birth, contact details, SSN or EIN for US customers, or another identity document number for non-US customers. Evolve has not yet confirmed to us what data has been impacted.”\u00a0reads the statement<\/strong><\/a> published by Wise. “
The fintech firm will contact customers whose data may have been compromised.<\/p>\n\n\n\n
“On June 25, 2024, Evolve Bank & Trust (\u201cEvolve\u201d), the third-party issuer of the Affirm Card, notified the Company that Evolve had experienced a cybersecurity incident whereby a third party gained unauthorized access to personal information and financial information (\u201cPersonal Information\u201d) of Evolve retail banking customers and the customers of its financial technology partners.” reads the FORM 8-K filed by with SEC<\/a>. “Because the Company shares the Personal Information of Affirm Card users with Evolve to facilitate the issuance and servicing of Affirm Cards, the Company believes that the Personal Information of Affirm Card users was compromised as part of Evolve\u2019s cybersecurity incident.” <\/em><\/p>\n\n\n\n
The company added that its information systems were not compromised.<\/p>\n\n\n\n
Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n
(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, data breach)<\/strong>