Skip to content

Fintech companies spooked by Evolve bank’s ransomware breach

  • by
  • 3 min read

After Evolve Ban announced that it had been the victim of a cyberattack, it also warned that apart from the bank’s retail customers, the data and personal information of some of its “financial technology partners’ customers” had also been leaked. With the leaked data reportedly already being uploaded to the dark web, Evolve’s partners are now scrambling to conduct their own investigations to find out if there have been any breaches or leaks.

Wise, Affirm, and Mercury have already announced their investigations into the matter. Wise stated that the company worked with Evolve from 2020 to 2023, providing “USD account details” and that “some Wise customers’ personal information may have been involved.”

Any customers directly affected by the breach will be getting email notifications. The company claims that shared customer data with Evolve included names, addresses, date of birth, contact details and Social Security Numbers or Employer Identification Numbers for US customers. An additional “another identity document number” was also shared for non-US customers.

Illustration: JMiks | Shutterstock
Illustration: JMiks | Shutterstock

Affirm, which uses Evolve’s services as an issuing partner for its Affirm card, also issued a statement regarding the situation. Affirm claims that none of its systems were accessed, but the “incident may have compromised some data and personal information Evolve had on record.” While Affirm didn’t disclose what kind of data could’ve been accessed, Evolve’s statement includes that “Social Security numbers, bank account numbers, and contact information” were affected for most of its customers and partners.

The statement did not include any information about how many customers or partners were affected by the attack. Regardless, Evolve clarified that it suffered a ransomware attack in late May 2024 by the LockBit ransomware gang. The attackers accessed Evolve systems when an employee accidentally licked on a malicious internet link.

Interestingly, LockBit had mistaken Evolve systems for the US Federal Reserve and started making claims likewise on the internet. LockBit ended up encrypting “some data” within Evolve’s environment, but it had backups on hand and reports having “experienced limited data loss and impact” on its operations. Additionally, since Evolve refused to pay the ransom, LockBit has leaked the data they downloaded.

In the News: CocoaPods flaws risk supply chain attacks on thousands of apps

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: