Evolve Bank & Trust announced a significant data breach by the LockBit ransomware group, potentially affecting its retail banking customers and numerous partners.
Evolve Bank & Trust, a key financial player for fintech startups, announced a significant data breach on Wednesday. The breach potentially affects not only Evolve's retail banking customers but also customers of its numerous fintech partners, according to a statement from the company.
Thomas Holmes, Evolve’s communications chief, informed TechCrunch that a "known cybercriminal organization" is behind the attack. Holmes revealed that the attackers have released data on the dark web, although he refrained from providing further details. LockBit, a notorious ransomware group, is believed to be responsible, as they have posted data allegedly stolen from Evolve on their leak site.
TechCrunch reached out to several of Evolve's partners, such as Affirm, Airwallex, Alloy, and others, to gauge the impact. Responses came from only a few, including Affirm, EarnIn, Marqeta, and Melio. Affirm's spokesperson, Matt Gross, stated that the company is actively investigating and will communicate directly with affected consumers. Affirm has also reassured customers that its cards and Money Accounts remain secure.
EarnIn is "monitoring the incident closely," according to spokesperson Stephanie Borman, while Kelly Kraft from Marqeta highlighted that Evolve supports only a small portion of its business and that affected customers have been notified. Matan Bar, Melio's co-founder and CEO, assured that they are working with Evolve to ascertain the impact on their customers and operations.
Mercury, another partner, disclosed that the Evolve breach affected records including account numbers and owner details. The true extent of the breach is expected to unfold as more companies assess the situation.
In the backdrop of this breach, Evolve Bank has been under scrutiny by the Federal Reserve for its fintech partnerships and anti-money laundering measures, as examinations in 2023 found deficiencies in its risk management framework.
Evolve's official statement on the incident outlines the steps being taken, including an ongoing investigation, engagement with law enforcement, and assurances that the threat has been contained. Evolve has also confirmed that debit cards and digital banking credentials do not seem to be impacted.
Additionally, Jason Mikula of Fintech Business Weekly reported that up to 33 terabytes of data from Evolve's systems may have been compromised, including a vast quantity of internal emails which could contain sensitive information.