Fintech
Author of newsletter covering Evolve Bank data breach says bank sent him cease-and-desist letter
The situation around a data breach which has affected an ever-increasing number of financial technology companies it just got weirder. Evolve Bank & Trust announced last week it was hacked and confirmed that the stolen data has been published on the dark web. Now Evolve has sent a cease-and-desist letter to the author of a newsletter that covered the ongoing situation.
Jason Mikula, author of the respected industry publication Fintech Business Weekly, told TechCrunch that he had received a cease and desist letter from the bank, which orders him not to share files from the dark web with any of the alleged fintech companies involved.
Mikula told TechCrunch that he wasn’t actually sharing, but was offering to do so, and he saw some files. Looking at hacked information is a common practice among journalists when reporting on security breaches, as a way to confirm that a breach has occurred and what was taken.
In this case, Mikula said he was in contact with four people who had access to some of the files stolen in the breach and posted on the dark web, and that he had personally reviewed some of the data.
The crux of the problem is that, according to Mikula’s industry sources, not all affected fintechs have received details about the information stolen in the breach.
“As I understand it, some fintechs had not received ‘confirmation’ from Evolve that it had been breached and therefore had not taken action to mitigate the risk or notify users,” Mikula told TechCrunch.
Mikula believes that “seeing the files would allow them to (1) confirm that the breach occurred and get examples of what data fields were included, and (2) allow them to identify the specific customers who were impacted,” he said.
Mikula was posting about fintechs that confirmed they were involved in X and wrote about it in his newsletter. So much so that X users like Parrot Capital praised him. “Jason provided better customer service for those affected by the Evolve Bank breach than anyone else,” Parrot published on X.
Mikula said yesterday that he “woke up to C&D.” He added that he was reporting responsibly and would continue to do so. TechCrunch has reached out to Evolve for comment.
Meanwhile, as Evolve sent Mikula lawyer letters, a group of senators publicly urged those involved with a struggling fintech, Synapse, to take action on July 1. They want Synapse’s owners, its fintech and banking partners, including Evolve, to “restore immediately Customers’ access to their money.” The synapse was pressed to file for Chapter 7 bankruptcy in May, completely liquidating its business. Customers have been cut off ever since.
The senators implicated both the company’s shareholders and investors as liable for any missing customer funds. The senators’ letter claims that between $65 million and $95 million is missing, but Synapse and all the other players, including Evolve, say that if that’s true, they are not liable. Everyone points the finger at each other.
The letter was addressed to W. Scott Stafford, chairman and CEO of Evolve Bank & Trust, but was also sent to major investors in bankrupt banking startup Synapse, as well as the company’s flagship bank and fintech partners.
Want more fintech news delivered to your inbox? Subscribe to TechCrunch Fintech Here.
Want to contact me with a suggestion? Email me at maryann@techcrunch.com or send me a message on Signal at 408.204.3036. You can also send a note to the entire TechCrunch team at suggestions@techcrunch.comFor more secure communications, Click here to contact uswhich includes SecureDrop (instructions here) and links to encrypted messaging apps.