More US finance firms say they were affected by Evolve data breach

Code Skull
(Image credit: Shutterstock)

Yieldstreet and Affirm have become the latest in the growing list of financial organizations to be affected by the recent cyberattack on Evolve Bank and Trust recently.

The online investment platform told TechCrunch that “some Yieldstreet customer may have been impacted” as a result of the incident at the bank. 

“We have communicated this to all potentially affected customers and continue to follow best practices regarding third-party cybersecurity incidents,” a Yieldstreet spokesperson told the publication. So far, the company did not want to say how many people were affected, or what type of data was stolen in the attack.

"Desperate" bid for attention

Evolve Bank & Trust recently confirmed it had seen some of its systems malfunctioning - which subsequent investigation confirmed was the result of “unauthorized activity”, as LockBit hackers tried to deploy ransomware onto the bank’s IT systems.

LockBit gained access to the bank’s IT infrastructure when an employee “inadvertently clicked on a malicious internet link,” and while the gang did steal data from the systems, it couldn’t do more harm since the company quickly deployed backups.

In the aftermath, LockBit leaked the data on the dark web, erroneously claiming that it had hacked the US Federal Reserve bank

But the data seems to belong to Evolve’s numerous banking partners, with Affirm, Branch, EarnIn, Marqeta, Melio, Mercury, and Wise, all now having confirmed having customers that are affected by the incident.

“Out of an abundance of caution, we issued an email notification to account holders about the incident and urged them to exercise vigilance in monitoring account activity and protecting their account credentials. We also reassured them that the safety and security of the Branch platform and mobile application had not been compromised,” a spokesperson told the publication in an email. 

When LockBit leaked the data, claiming it came from the Fed, many analysts said the group was in a “desperate bid for attention” since Operation Cronos disrupted it, heavily. However, looking at all the affected organizations, they might need to reconsider the “desperate” part.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.