Fintech
Fintech Announces Data Breach – Digital Journal
Ukraine’s cyber army is a group of volunteer hackers created following the Russian invasion and which has grown since then – Copyright AFP/File Fabrice COFFRINI
A recent data breach has occurred at Evolve Bankexposing Affirm cardholders’ and potentially other customers’ personal and financial information. This is another example of the vulnerabilities that plague some financial institutions.
Evolve Bank & Trust announced that it was hacked and confirmed that the stolen data was published on the dark web.
Jason Kent, Hacker in Residence at Cequence, examines the fallout and future actions for Digital Journal.
Kent begins by assessing the impact on the financial sector and what this latest cybersecurity incident signals: “As we continue to see aggregation attacks impacting more and more organizations, it will be up to the consumer to be increasingly vigilant.”
This is tied to developments in technology, as Kent explains: “Online transactions are a common question I get, but companies like Affirm are making point-of-sale (POS) lending possible in brick-and-mortar stores. Think of it like Apple Pay, but instead of your credit card, Affirm is the credit card, cutting out the middleman. Just use your Affirm app and that new Lay Z Boy is almost ready for delivery. Affirm often has better terms than a credit card, allowing for longer repayment periods and flexible payment options.”
This leads to considerations about the limits of the technology. Here Kent considers, “But what happens when someone hacks a platform that interacts with Affirm, perhaps containing Affirm cardholder data, PII, and all the other terrible things that we don’t want to be hacked again?”
Responding to this, Kent goes on to say, “Well, if you’re an Affirm customer, especially if you’ve had dealings with Evolve Bank, your data has been breached. That means you should think about two things.”
As for what steps to take, Kent advises, “First, contact Affirm and let them know that you no longer want to make transactions on your account until this is resolved.”
Next up: “Second, monitor your credit. I’m guessing you already have credit monitoring through some other violation, but if not, it’s relatively easy. extract your credit reportIf you haven’t gotten your free one yet this year, do it now.”
Bottom line, Kent says, “Third, be vigilant for anything that mentions Affirm or Evolve Bank and asks you to take action by clicking a link or calling a phone number that is not the one on the back of your card.”
In summary, Kent notes, “These breaches happen for many reasons, the impact can be immediate aftermath or it can take a while for the database to filter through the various entities on the black market. You just need to know that all of this is compromised and how to make sure you’re protected.”