Fintech companies Wise and Affirm have revealed that the recent data breach suffered by Evolve Bank impacts some of their customers.
The notorious ransomware group LockBit recently threatened to leak data allegedly stolen from the US Federal Reserve.
The cybercriminals did leak data on June 26, but it turned out that the files actually originated from an Arkansas-based financial organization, Evolve Bank & Trust.
The bank almost immediately confirmed that the hackers apparently gained access to customer and financial technology partner information.
Wise, a fintech firm whose services are widely used for international money transfers, revealed late last week that the Evolve data breach impacts some of its customers.
Wise had worked with Evolve to provide USD account details between 2020 and 2023.
While the companies no longer work together, it seems Evolve was still storing some data provided by Wise.
Wise highlighted that its systems are not impacted by the data breach.
Customers whose data may have been compromised will be directly contacted by the company.
Buy-now-pay-later services provider Affirm has revealed in an SEC filing that some of its customers were also impacted.
Evolve on Monday shared additional information on the security incident.
The company has confirmed that the LockBit ransomware group was behind the attack, and its investigation revealed that the cybercriminals gained access to its systems after an employee clicked on a malicious link.
In addition to stealing data, the hackers deployed file-encrypting ransomware on Evolve systems, but the bank said it had backups in place and claimed that data loss and impact on its operations were limited.
At this stage in the investigation, it appears that the cybercriminals obtained information such as names, Social Security numbers, bank account numbers, and contact information belonging to most of Evolve's personal banking customers, as well as customers of its Open Banking partners.
The company has also learned that personal information belonging to its employees was likely also compromised.
This Cyber News was published on www.securityweek.com. Publication date: Tue, 02 Jul 2024 13:43:05 +0000