Startups are rushing to evaluate the impact of the Evolve Bank data breach
The incident, according to the company’s statement, involved “the data and personal information of some Evolve retail bank customers and financial technology partners’ customers.”
When reached by reporters, Evolve’s communications chief Thomas Holmes said that the incident involves “a known cybercriminal organization.”
“It appears these bad actors have released illegally obtained data, on the dark web,” said Holmes, declining to comment further.
The cybercriminals responsible for the breach appear to be the notorious ransomware gang LockBit, which posted data allegedly stolen from Evolve on its dark web leak site.
Evolve lists a series of companies on its site as partners that rely on the banking giant to offer some of their financial and lending services. To understand the impact of the Evolve breach on these companies, reporters reached out to Affirm, Airwallex, Alloy, Bond, Branch, Dave, EarnIn, Marqeta, Mastercard, Melio, Mercury, Prizepool, Step, Stripe, Tabapay, and Visa.
None of the companies, except for Affirm, EarnIn, Marqeta, and Melio responded to the request for comment.