Data Breach at Evolve Bank and Trust Raises Concerns for Wise Customers
The recent data breach at Evolve Bank and Trust has raised concerns for customers of Wise, a money transfer and fintech company. Wise announced on Friday that some of its customers’ personal data may have been stolen in the breach. This highlights the potential impact of data breaches on third-party companies and their users, including those that are yet unknown.
According to Wise, the company had been working with Evolve since 2020 to provide USD account details. As a result of the breach, Wise believes that some of its customers’ personal information may have been involved. The company plans to directly contact all affected customers via email.
The personal data shared by Wise with Evolve includes names, addresses, date of birth, contact details, Social Security numbers or Employer Identification Numbers for U.S. customers, and another identity document number for non-U.S. customers. However, it is still unclear how many Wise customers have been affected, as the company is actively investigating the extent of the breach.
When asked about the impact of the breach on partner companies and end users, Evolve declined to comment and referred to their official statement. The statement confirms that Evolve is working to respond to the cybersecurity incident and will provide further updates. The breach was attributed to a ransomware attack by the LockBit cybercrime gang, which occurred due to an employee clicking on a malicious link in May.
Evolve assures that there is no evidence of customer funds being accessed by the criminals. However, customer information was downloaded from their databases and file share during periods in February and May. Some data was also encrypted within their environment, but backups are available, resulting in limited data loss and impact on operations. The company pledges to directly notify each individual whose personal information was affected.
Several other Evolve partners, including Affirm, EarnIn, Marqeta, Melio, and Mercury, are currently investigating how the breach has impacted their customers. Branch, another partner, has sent a notification to a customer but has yet to respond to requests for comment.
The Evolve data breach serves as a reminder of the potential risks faced by customers when their personal data is shared with third-party companies. It emphasizes the importance of robust cybersecurity measures and prompt communication with affected individuals. Wise and other companies affected by the breach must take swift action to protect their customers’ data and restore trust in their services.
