U.S.-based banking-as-a-service giant Evolve Bank&Trust reported that cybercriminals accessed the personal data of millions of customers during a recent cyberattack.
In a filing with Maine’s attorney general on Monday,Evolve confirmed that at least 7.6 million individuals were affected,including over 20,000 customers based in Maine.The extent of the breach is still unfolding.When reached by TechCrunch,Evolve spokesperson Eric Helvie declined to comment on whether the number of affected individuals is expected to grow.
Evolve did not specify all the types of compromised data in the filing but previously stated on its website that attackers accessed names,Social Security numbers,bank account numbers,and contact information of personal banking customers,as well as personal data of Evolve employees and customers of its financial technology partners.
Among those affected are customers of Evolve’s partners,including Affirm,which confirmed that the breach“may have compromised some data and personal information”of its users.Fintech startup Mercury noted that the breach impacted“some account numbers,deposit balances,business owner names,and emails.”Money transfer organization Wise also confirmed that“some Wise customers’personal information may have been involved.”
Evolve is still investigating to determine if other personal information,including details about its business,trust,and mortgage customers,was compromised.
The breach was attributed to a ransomware attack by the Russia-linked LockBit gang,which was disrupted by a multi-government operation earlier this year,though its administrator remains at large.Evolve discovered the intrusion in May,after hackers had gained access to its systems.Evolve did not pay the ransom demanded by the hackers,leading to LockBit publishing the compromised data on its dark web leak site.
In a letter to affected customers,Evolve explained that hackers accessed and downloaded“customer information from Evolve’s databases and a file share during periods in February and May 2024.”
Evolve declined to answer further questions about the breach.