Ransomware attack on bank may have exposed personal information of fintech partners such as Wise, Affirm, and Mercury



On June 28, 2024,

Evolve Bank & Trust , a financial institution based in Arkansas , USA, announced that it had been hit by a ransomware attack by the cybercrime group LockBit . As a result, it has been reported that in addition to personal information of Evolve Bank & Trust's customers and employees, data related to affiliated fintech companies such as Wise , Affirm , and Mercury was also leaked.

Cybersecurity Incident | Evolve Bank & Trust
https://www.getevolved.com/about/news/cybersecurity-incident/



Fintech company Wise says some customers affected by Evolve Bank data breach | TechCrunch
https://techcrunch.com/2024/07/01/fintech-company-wise-says-some-customers-affected-by-evolve-bank-data-breach/

Startups scramble to assess fallout from Evolve Bank data breach | TechCrunch
https://techcrunch.com/2024/06/27/startups-scramble-to-assess-fallout-from-evolve-bank-data-breach/

Evolve Bank & Trust was founded in Arkansas in 1925 as a bank supporting rural development. In recent years, the company has focused on technology-enabled solutions and is actively partnering with fintech companies that provide online financial services.

According to a report released by Evolve Bank & Trust on June 28, 2024, the company confirmed that some of its systems were not functioning properly in late May 2024. Initially, a hardware failure was suspected, but an expert investigation determined that unauthorized access may have occurred, and the incident response process was initiated. The attack was contained by May 31, and the company explains that no unauthorized activity has occurred since then.

The investigation, which was commissioned from an outside expert, revealed that the unauthorized access was the work of LockBit, a cybercrime group responsible for the Nagoya Port cyberattack and the attack on an American insurance software developer . The cause of the hack was determined to be an employee accidentally clicking on a malicious internet link.



At the time of writing, there was no evidence that the hackers had accessed customer funds, but they downloaded data via Evolve Bank & Trust databases and shared files in February and May. Some data in the system was encrypted, but the company said that data loss and operational impact were limited because of available backups.

However, it has been reported that the downloaded data was leaked onto the Internet after Evolve Bank & Trust refused to pay the ransom demanded by the hackers. The data downloaded by the hackers includes the names, social security numbers, bank account numbers and contact information of most of the customers and open banking partners who use personal banking, and it is highly likely that the personal information of employees was also leaked. Whether other personal information, including that of business, trust and mortgage customers, was affected is still under investigation at the time of writing.

Evolve Bank & Trust has partnerships with many companies involved in online financial services, and the companies are investigating the impact of this ransomware attack. Wise, an international online remittance service, reports that it shares with Evolve Bank & Trust the names, addresses, birth dates, contact information, social security numbers or employer identification numbers of its American customers, and is investigating whether such personal information is included in the leaked data.

Data breach at Evolve Bank & Trust in the US | Wise Help Center
https://wise.com/ja/help/articles/1Tyvn34K9tp08aZ0y0Hqe0/

Affirm, which provides a deferred installment service, is also aware of and investigating a cybersecurity incident involving Evolve Bank & Trust.

Evolve Bank and Trust cybersecurity incident
https://helpcenter.affirm.com/s/article/evolve-bank-and-trust-cybersecurity-incident

Mercury, a service that provides a single dashboard for managing banking and financial operations, reported that data related to its customers, including account numbers, deposit balances, business names, and emails, was exposed. Mercury explained that Mercury account credentials, including passwords, were not exposed and that it is taking steps to protect affected Mercury customers.



Related Posts:

in Web Service,   Security, Posted by log1h_ik