Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach

A ransomware attack against a large financial services provider has become a problem for many companies it works with, two of which have already alluded to potential negative impacts on customer data.
The infamous LockBit group earned some undue attention early last week when it claimed to have hacked the US Federal Reserve.
It had breached the far lesser Evolve Bank & Trust.
According to a statement from Memphis-based Evolve, the attack occurred in late May, when an Evolve employee clicked on a malicious phishing link.
Though the attackers didn't access any customers' money, they were able to access and download customer information from databases and a file share.
LockBit was kicked out of Evolve's systems by the end of the month.
After the victim refused to pay the ransom, the group leaked the data it had stolen.
The twist is that, in addition to banking and lending for private citizens and businesses, Evolve offers business-to-business banking-as-a-service and payments processing technologies.
So beyond its own direct customers, its latest cyber incident has also spread to users of other financial companies that integrate with it, and more victims of the breach are coming to light.
There's the multibillion-dollar London-based Wise.
To enable that service, Wise shared with Evolve its customers' names, addresses, dates of birth, contact details, and ID numbers, including employer identification numbers and Social Security numbers.
Ditto to buy now, pay later company Affirm, which uses Evolve to issue and service its credit card-style Affirm Cards.
Customers' cards remain untouched, but the personal information Affirm shared with Evolve is another matter.
A number of them are currently investigating whether their customers' data has been affected.


This Cyber News was published on www.darkreading.com. Publication date: Tue, 02 Jul 2024 21:30:07 +0000


Cyber News related to Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach

Affirm says cardholders impacted by Evolve Bank data breach - Buy now, pay later loan company Affirm is warning that holders of its payment cards had their personal information exposed due to a data breach at its third-party issuer, Evolve Bank & Trust. Evolve is a large financial services provider specializing ...
4 months ago Bleepingcomputer.com
Digital Transformation in the Financial Industry: The Role of Fintech - Fintech companies are providing innovative solutions to help customers save money and manage risk more effectively than ever before; they're also fueling innovation within traditional banks themselves by creating new products based on customer ...
11 months ago Hackread.com
Fintech company Affirm says Evolve Bank attack exposed customer info - Financial technology company Affirm told regulators this week that a cyberattack on a banking partner exposed customer information. Affirm - which runs one of the biggest buy now, pay later platforms - told the Securities and Exchange Commission on ...
4 months ago Therecord.media
Unleashing the Power of AI - Welcome to the next article in our series on mastering API integration, specifically tailored for the fintech industry. As product managers, understanding and harnessing AI in fintech API management is essential for optimizing operations, enhancing ...
10 months ago Feeds.dzone.com
Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach - A ransomware attack against a large financial services provider has become a problem for many companies it works with, two of which have already alluded to potential negative impacts on customer data. The infamous LockBit group earned some undue ...
4 months ago Darkreading.com
Evolve Bank Shares Data Breach Details as Fintech Firms Report Being Hit - Fintech companies Wise and Affirm have revealed that the recent data breach suffered by Evolve Bank impacts some of their customers. The notorious ransomware group LockBit recently threatened to leak data allegedly stolen from the US Federal Reserve. ...
4 months ago Securityweek.com
Evolve Bank data breach impacted fintech firms Wise and Affirm - MUST READ. Evolve Bank data breach impacted fintech firms Wise and Affirm. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
4 months ago Securityaffairs.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
9 months ago Securityzap.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
10 months ago Securityboulevard.com
Rising fintech trends for 2024: From A2A payments to GenAI in banking - The fintech market is undergoing a rapid shift, with the rise of new technologies, such as Open Finance, generative AI and A2A payments having a major impact on business models, according to Juniper Research. This is combined with unprecedented ...
10 months ago Helpnetsecurity.com
Evolve Bank confirms data breach after brazen LockBit claims - Arkansas-based Evolve Bank & Trust confirmed on Wednesday that hackers stole customer information and posted it on the dark web. Victims will be contacted with more information on free credit monitoring services, and some impacted customers will be ...
4 months ago Therecord.media
LockBit Attack Targets Evolve Bank, Not Federal Reserve - Evolve Bank, a financial institution headquartered in Arkansas, was the victim of an attack by the LockBit ransomware group which resulted in a data leak onto the Dark Web this week. LockBit had drawn attention to itself earlier this week after ...
4 months ago Darkreading.com
Texas Retina Associates Notifies Nearly 300k People of Recent Data Breach - On June 26, 2024, Texas Retina Associates filed a notice of data breach with the Attorney General of Texas after discovering that confidential information that had been entrusted to the company was subject to unauthorized access. In this notice, ...
4 months ago Jdsupra.com
Federal Reserve "breached" data may actually belong to Evolve Bank - A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. You can imagine that everyone was anticipating the end of the countdown that ...
4 months ago Malwarebytes.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
11 months ago Bleepingcomputer.com
23andMe failed to detect mega-breach attackers for 5 months The Register - Biotech and DNA-collection biz 23andMe, the one that blamed its own customers for the October mega-breach, just admitted it failed to detect any malicious activity for the entire five months attackers were breaking into user accounts. In a collection ...
9 months ago Go.theregister.com
23andMe Faces Legal Backlash Over Data Breach and Blames Victims - Facing a deluge of more than 30 lawsuits from individuals impacted by a substantial data breach, genomics company 23andMe has taken a defensive stance by placing responsibility on the victims themselves. The breach came to light in October when ...
10 months ago Cysecurity.news
PennyMac Files Notice of Data Breach That Leaked Thousands of SSNs - On October 19, 2023, PennyMac Loan Services LLC filed a notice of data breach with the Attorney General of Texas after discovering that unauthorized actors were able to access information that had been entrusted to the company. In this notice, ...
11 months ago Jdsupra.com
Comcast Xfinity Reports Data Breach Exposing Info About 35M Customers - PRESS RELEASE. MARLTON, N.J., Dec. 19, 2023 /PRNewswire/ - Approximately 35 million consumers are being notified that their confidential information was compromised due to a vulnerability in software created by Citrix and used by Xfinity. The data ...
10 months ago Darkreading.com
Keenan & Associates Reports Data Breach Exposing Social Security Numbers of More Than 1.5M - PRESS RELEASE. MARLTON, N.J., Jan. 29, 2024 /PRNewswire/ - Approximately 1.5 million consumers are being notified that their Social Security numbers and other confidential information were compromised when an unauthorized party was able to access the ...
9 months ago Darkreading.com
Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
10 months ago Securityboulevard.com
AvidXchange Notifies Consumers of Data Breach Following Period of Unauthorized Access - On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company's IT network. In ...
11 months ago Jdsupra.com
Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
11 months ago Jdsupra.com
Console & Associates, P.C.: ESO Solutions Notifies 2.7M of Data Breach - PRESS RELEASE. MARLTON, N.J., Dec. 20, 2023 /PRNewswire/ - Approximately 2.7 million patients are being notified that their Social Security numbers and other confidential information were compromised when an unauthorized party gained access to ESO ...
10 months ago Darkreading.com
Orrick Data Breach: Law Firm Dealing with Data Breaches Hit by One - An international law firm assists businesses impacted by security events has experienced a cyberattack, where it compromised the sensitive health information of hundreds of thousands of data breach victims. Orrick, Herrington & Sutcliffe, the San ...
9 months ago Cysecurity.news

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)