Fintech

Fintech company Wise says some customers have been affected by the Evolve Bank data breach

Published

7 months ago

on

Money transfer and fintech company Wise announced Friday that some of its customers’ personal data may have been stolen the recent data breach at Evolve Bank and Trust.

The news highlights that the consequences of the Evolve data breach on third-party companies – and their customers and users – are not yet clear, and are likely to include as-yet unknown companies and startups.

In a statement published on his official websiteWise wrote that the company worked with Evolve from 2020 to 2023 “to provide USD account details.” And given that Evolve was recently hacked, “the personal information of some Wise customers may have been affected.”

“We will be emailing any Wise customers who we believe may have been directly affected by this data breach,” the company wrote.

Wise said it shared U.S. customers’ personal data with Evolve, information that included names, addresses, dates of birth, contact details and Social Security numbers or employer identification numbers. For non-US customers, Wise also shared “another ID number.”

At this point, it’s unclear how many Wise customers have been affected, as the company wrote that it is still “actively investigating.”

Contact us

Do you have more information about the Evolve breach and how it is impacting other companies? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase, and Wire @lorenzofb, or e-mail. You can also contact TechCrunch via SecureDrop.

Wise did not respond to a request for comment asking how many of its customers had their data stolen.

When TechCrunch contacted Evolve for comment, asking if it knows how many current and former partner companies and end users have been affected by the breach, and whether Evolve has already contacted all of them, Evolve spokesperson Eric Helvie declined to comment and referred the company’s official statement on its website.

At the time of writing, the statement said Evolve was “continuing to work around the clock to respond to the recent cybersecurity incident” and promised to provide further updates. The company said the breach was a ransomware attack by the LockBit cybercrime gang, resulting in an employee clicking on a malicious link in May of this year.

“There is no evidence that criminals accessed customer funds, but it appears they accessed and downloaded customer information from our databases and a file share during the February and May periods,” the statement read. “The threat actor also encrypted some data in our environment. However, we have backups and have experienced limited data loss and limited impact on our operations.”

The company also promises to directly notify “every individual whose personal information has been affected.”

So far Affirm, EarnIn, Marqeta, Melio and Mercury, all partners of Evolve, they recognized who are investigating the impact of the Evolve breach on their customers. On Monday, fintech journalist Jason Mikula shared on X a notification that Branch, another Evolve partner, had sent to a customer. Branch has yet to respond to repeated requests for comment from TechCrunch.

Source

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version