Affirm says cardholders impacted by Evolve Bank data breach

Buy now, pay later loan company Affirm is warning that holders of its payment cards had their personal information exposed due to a data breach at its third-party issuer, Evolve Bank & Trust.
Evolve is a large financial services provider specializing in retail and commercial banking, payment processing, and banking-as-a-service.
In June, the LockBit ransomware gang falsely claimed to have breached the US Federal Reserve and stolen 33 TB of data.
After researchers analyzed the data, it was determined that it had been stolen from Evolve Bank & Trust, which confirmed to BleepingComputer that the data belonged to them.
In an update published yesterday, Evolve said it has responded to the incident by resetting passwords globally, reconstructing critical Identity Access Management components, including Active Directory, and various network hardening measures.
As of the latest investigation findings, there's evidence that the stolen data includes names, Social Security Numbers, bank account numbers, and contact information.
Affirm, one of Evolve's clients, is now warning its customers that their personal and financial information might have been exposed in the Evolve data breach.
Affirm shares customer data with Evolve as required to issue Affirm Cards, a debit card that lets you pay for purchases over time.
Affirm added that Evolve had assured them the cybersecurity incident had been contained.
Affirm says users may continue to transact normally as the Company remains on high alert for potentially suspicious activity linked to the incident.
The breach at Evolve has potentially affected several other fintech firms in the US, with Wise and Bilt confirming they were impacted.
Wise published a statement on its website late last week, informing customers it had shared full names, addresses, contact details, Social Security numbers, and other sensitive information with Evolve as part of a partnership between 2020 and 2023.
Bilt has also notified customers via notifications that its partnership with Evolve may have led to the compromise of sensitive customer information.
A Bilt employee confirmed on Reddit that they are unsure if any of its customers' data was actually exposed.
Evolve has also promised to email individual notifications to all persons confirmed to have been impacted by the incident on July 8, 2024.
Due to the severity of the Evole data breach, we will likely see further fintech companies disclose potential data breaches as the investigation continues.
Infosys McCamish says LockBit stole data of 6 million people.
Prudential Financial now says 2.5 million impacted by data breach.
Meet Brain Cipher - The new ransomware behind Indonesia's data center attack.
Change Healthcare lists the medical data stolen in ransomware attack.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 02 Jul 2024 16:00:28 +0000


Cyber News related to Affirm says cardholders impacted by Evolve Bank data breach

Affirm says cardholders impacted by Evolve Bank data breach - Buy now, pay later loan company Affirm is warning that holders of its payment cards had their personal information exposed due to a data breach at its third-party issuer, Evolve Bank & Trust. Evolve is a large financial services provider specializing ...
5 months ago Bleepingcomputer.com
Fintech company Affirm says Evolve Bank attack exposed customer info - Financial technology company Affirm told regulators this week that a cyberattack on a banking partner exposed customer information. Affirm - which runs one of the biggest buy now, pay later platforms - told the Securities and Exchange Commission on ...
5 months ago Therecord.media
Evolve Bank Shares Data Breach Details as Fintech Firms Report Being Hit - Fintech companies Wise and Affirm have revealed that the recent data breach suffered by Evolve Bank impacts some of their customers. The notorious ransomware group LockBit recently threatened to leak data allegedly stolen from the US Federal Reserve. ...
5 months ago Securityweek.com
Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
1 year ago Jdsupra.com
Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach - A ransomware attack against a large financial services provider has become a problem for many companies it works with, two of which have already alluded to potential negative impacts on customer data. The infamous LockBit group earned some undue ...
5 months ago Darkreading.com
Encore Bank Notifies Customers of Data Breach After Hackers Access an Employee Email Account - On January 31, 2024, Encore Bank filed a notice of data breach with the Attorney General of Massachusetts after discovering that an unauthorized party was able to gain access to an employee's email account. In this notice, Encore Bank explains that ...
10 months ago Jdsupra.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
Evolve Bank data breach impacted fintech firms Wise and Affirm - MUST READ. Evolve Bank data breach impacted fintech firms Wise and Affirm. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
5 months ago Securityaffairs.com
CyberCrime & Doing Time: Identification Documents: an Obsolete Fraud Countermeasure - When I'm talking to bankers and other fraud fighters, I often mention how easy it is for a criminal to obtain a Drivers License bearing any information they desire. In the new case, Brianna Mills, a 28-year old bank teller in Loganville, Georgia ...
10 months ago Garwarner.blogspot.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
11 months ago Securityboulevard.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
10 months ago Securityzap.com
LockBit Attack Targets Evolve Bank, Not Federal Reserve - Evolve Bank, a financial institution headquartered in Arkansas, was the victim of an attack by the LockBit ransomware group which resulted in a data leak onto the Dark Web this week. LockBit had drawn attention to itself earlier this week after ...
5 months ago Darkreading.com
Bank of America's Security Response: Mitigating Risks After Vendor Data Breach - In a concerning development, Bank of America has informed its customers about a possible data breach stemming from a security incident involving one of its vendors. This incident raises questions about the security of sensitive customer information, ...
10 months ago Cysecurity.news
Patelco shuts down banking systems following ransomware attack - Patelco Credit Union has disclosed it experienced a ransomware attack that led to the proactive shutdown of several of its customer-facing banking systems to contain the incident's impact. Patelco is an American credit union with assets exceeding $9 ...
5 months ago Bleepingcomputer.com
Nationwide Banking Crisis: Servers Down, UPI Transactions in Jeopardy - Several bank servers have been reported to have been down on Tuesday, affecting Unified Payments Interface transactions throughout the country. Several users took to social media platforms and reported that they encountered issues while making UPI ...
10 months ago Cysecurity.news
Evolve Bank confirms data breach after brazen LockBit claims - Arkansas-based Evolve Bank & Trust confirmed on Wednesday that hackers stole customer information and posted it on the dark web. Victims will be contacted with more information on free credit monitoring services, and some impacted customers will be ...
5 months ago Therecord.media
Banco Santander warns of a data breach exposing customer info - Banco Santander S.A. announced it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers. With a strong presence in Spain, the United Kingdom, Brazil, Mexico, and ...
7 months ago Bleepingcomputer.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
1 year ago Bleepingcomputer.com
Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds - Joe Sullivan arrived at his sentencing hearing on May 4 this year, prepared to go to jail had the judge not gone with a parole board's recommendation of probation. A federal jury convicted the former Uber CISO months earlier on two charges of fraud ...
1 year ago Darkreading.com
CyberCrime & Doing Time: Classic Baggie: Part Three - He claimed he was selected as an independent contractor to rebuild a fleet of airplanes for KLM Royal Dutch Airlines, who had wired him $3.5 Million Euros into his Swiss bank account at Neue Privat Bank. His attorney, Phillip Richardson, said that he ...
11 months ago Garwarner.blogspot.com
Federal Reserve "breached" data may actually belong to Evolve Bank - A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. You can imagine that everyone was anticipating the end of the countdown that ...
5 months ago Malwarebytes.com
Pharmacy provider Truepill data breach hits 2.3 million customers - Postmeds, doing business as 'Truepill,' is sending notifications of a data breach informing recipients that threat actors accessed their sensitive personal information. Truepill is a B2B-focused pharmacy platform that uses APIs for order fulfillment ...
1 year ago Bleepingcomputer.com
Bank of America warns customers of data breach after vendor hack - Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year. Customer personally identifiable information exposed in the security breach includes the affected ...
10 months ago Bleepingcomputer.com
Infosys McCamish Systems data breach impacted over 6M people - MUST READ. Infosys McCamish Systems data breach impacted over 6 million people. Keytronic confirms data breach after ransomware attack. City of Cleveland still working to fully restore systems impacted by a cyber attack. ABN Amro discloses data ...
5 months ago Securityaffairs.com
Goto Customers Backup Data Breach: Protect Your Business and Handle Data Breach Risks - A data breach at Goto customers exposed their backup data to malicious actors, leading to a data breach that impacted those customers. Businesses need to be aware of the risks associated with data breaches and how to protect their organisations from ...
1 year ago Securityaffairs.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)