In a recent and unsettling development, Wise, a prominent fintech and money transfer company, has announced that some of its customers’ personal data may have been compromised due to a data breach at Evolve Bank and Trust. This breach has not only affected Wise but also highlights the broader implications for third-party companies and their customers. As investigations continue, the full extent of the breach remains uncertain.
The Breach at Evolve Bank and Trust
Evolve Bank and Trust, a financial institution providing services to numerous fintech companies, suffered a significant data breach recently. The breach was identified as a ransomware attack by the LockBit cybercrime gang, triggered by an employee clicking on a malicious link in May 2023. According to Evolve, the attackers accessed and downloaded customer information from databases and file shares during February and May. Although the criminals did not access customer funds, they did encrypt some data within Evolve’s environment.
Impact on Wise and Its Customers
Wise, which collaborated with Evolve from 2020 to 2023 to provide USD account details, has revealed that some of its customers’ personal information might have been compromised. The affected data includes names, addresses, dates of birth, contact details, and Social Security numbers or Employer Identification Numbers for U.S. customers. For non-U.S. customers, other identity document numbers may have been exposed.
In a statement on its official website, Wise assured that it is actively investigating the breach’s impact and will directly email affected customers. A Wise spokesperson reiterated that Wise’s systems were not compromised and that customers could safely access their accounts.
Broader Implications and Ongoing Investigations
The repercussions of the Evolve data breach extend beyond Wise. Evolve partners such as Affirm, EarnIn, Marqeta, Melio, and Mercury have acknowledged their investigations into the breach’s impact on their customers. Additionally, Branch, another Evolve partner, notified its customers but has not responded to media inquiries.
Evolve’s spokesperson, Eric Helvie, declined to comment on the number of affected partner companies and users, referring to the company’s official statement. Evolve is working continuously to address the cybersecurity incident and promises to notify all individuals whose personal information was affected.
Mitigation and Future Actions
As Wise and other fintech companies assess the breach’s impact, several steps are being taken to mitigate risks and inform affected customers:
- Customer Notifications: Wise and other affected companies are reaching out to potentially impacted customers, providing information on the breach and steps to protect their personal data.
- Enhanced Security Measures: Companies are likely to review and enhance their security protocols to prevent similar incidents in the future.
- Collaborative Investigations: Ongoing investigations involve collaboration between affected companies, cybersecurity experts, and law enforcement to identify the breach’s full extent and prevent further damage.
Wise’s Commitment to Security
Wise remains committed to safeguarding its customers’ data and ensuring the security of its systems. The company has emphasized that its internal systems were not compromised and that customers can continue to use their services safely. As investigations proceed, Wise will provide updates and support to affected customers.
Conclusion
The Evolve Bank data breach has exposed significant vulnerabilities in the interconnected world of fintech companies and their service providers. Wise and other affected companies are actively working to understand the breach’s impact and take necessary measures to protect their customers’ data. As the situation develops, it serves as a stark reminder of the importance of robust cybersecurity practices and the need for vigilant monitoring and response strategies.
More News: Tech News
