Fintech Wise has announced that the personal data of a number of customers may have been compromised following the recent data breach at Evolve Bank and Trust.
Wise worked with Evolve from 2020 to 2023 to provide USD account data. The extent of the damage is unclear, but the breach highlights the precarious nature of trusting third-party companies and relying on their security.
Evolve confirmed an attack last week attributed to ransomware group LockBit, which leaked the data after the bank refused to pay the ransom.
Smart data breach affects external companies
To develop wrote: “In late May 2024, Evolve Bank & Trust discovered that several of its systems were not functioning properly.” Evolve initially believed it was a hardware failure, but later confirmed the breach was the result of “unauthorized activity.”
Evolve has not yet confirmed what personal information was leaked, but in a sign of transparency, Wise confirmed: “The information we shared with Evolve Bank & Trust to provide USD account information included name, address, date of birth, contact information, SSN or EIN for US customers, or other identification document number for non-US customers.”
Evolve shared the following in its announcement: “The investigation is still in its early stages, but it appears that the names, social security numbers, bank account numbers and contact details of most of our retail banking customers, as well as customers of our Open Banking partners, have been impacted.”
Also wise confirmed: “We no longer work with Evolve Bank & Trust, and the USD account information is provided by another bank.”
Account details, Wise cards and USD account details will remain unaffected and Wise customers can continue to use them. The company also advises to be vigilant against suspicious communications and recommends steps to prevent identity theft, including placing fraud alerts with credit agencies.