Wise, a prominent money transfer and fintech company, announced on Friday that some of its customers’ personal data may have been stolen in the recent data breach at Evolve Bank and Trust. This development highlights the ongoing ramifications of the Evolve data breach, which has affected numerous third-party companies and their users.
Evolve Bank, a financial institution that provides banking services to various fintech startups, was a victim of a ransomware attack by the LockBit cybercrime group in May 2024. The attack involved an employee clicking on a malicious link. As a result, the attackers gained access to customer information, including personal data, from Evolve's databases and file share during periods in February and May.
The Evolve Bank security breach has had a ripple effect across the fintech industry. Several companies that partner with Evolve, including Affirm, EarnIn, Marqeta, Melio, and Mercury, are actively investigating the impact on their customers. Branch, another Evolve partner, has also acknowledged the potential impact.
Despite the potential data exposure, Wise assures its customers that its systems were not compromised and that their accounts remain secure. The company is actively investigating the situation and is proactively reaching out to customers who may have been affected.
The Evolve Bank data breach serves as a stark reminder of the vulnerabilities within the financial technology (fintech) ecosystem. This incident underscores the importance of robust security measures for fintech companies, particularly those relying on third-party service providers.
Evolve Bank acknowledges the ransomware attack and states that it is actively working to address the situation. While the company claims that customer funds were not accessed, it admits that customer information may have been compromised. Evolve is committed to providing updates on the ongoing investigation.
Given the evolving nature of cyber threats, users and customers are advised to remain vigilant. This includes regularly reviewing account statements, monitoring credit reports, and being cautious about suspicious emails or phishing attempts.
Ask anything...