A notorious hacker has breached a major US bank, stealing sensitive customer data from multiple financial firms.
Evolve Bank & Trust Hacked
Evolve Bank & Trust, a Tennessee-based lender, has confirmed that its system was compromised by the Russian ransomware gang LockBit. The hack reportedly exposed personal banking information of most of the bank’s customers, including:
- Names
- Social Security numbers
- Bank account numbers
- Contact information
Fintech Firms Impacted
Several fintech companies that have partnered with Evolve have also been affected by the breach. Affirm, Wise, Bilt, Marqeta, Mercury, and EarnIn have released statements confirming that some of their customers’ data may have been stolen.
Millions Affected
Consumer rights law firm Schubert Jonckheer & Kolbe estimates that millions of customers have been impacted by the data breach. Affirm alone has 18 million customers, and it believes that the personal information of its Affirm Card users was compromised.
Evolve’s Security Concerns
The hack comes as Evolve faces a cease-and-desist order from the Federal Reserve and the Arkansas State Bank Department. Regulators have cited weaknesses in the bank’s risk management and compliance programs related to anti-money laundering laws.