Yieldstreet and Affirm recently became the latest in a list of financial institutions affected by the recent cyberattack on Evolve Bank and Trust.
The online investment platform told TechCrunch that “some of Yieldstreet’s customers may have been affected” as a result of the incident at the bank.
“We have communicated this to all potentially affected customers and continue to follow best practices regarding third-party cybersecurity incidents,” a YieldStreet spokesperson told the publication. The company has not yet disclosed how many people were affected or what type of data was stolen in the attack.
“Desperate” bid attracts attention
Evolve Bank & Trust recently acknowledged that some of its systems were malfunctioning. Subsequent investigation confirmed that this was the result of a “fraudulent operation” in which LockBit hackers attempted to deploy ransomware on the bank’s IT systems.
LockBit gained access to the bank’s IT infrastructure after an employee “accidentally clicked on a malicious Internet link” and actually stole data from the system, but the company quickly deployed backups and was unable to do so. There was no further damage.
In the aftermath, Rockbit falsely claimed to have hacked the US Federal Reserve Bank and leaked data to the dark web.
However, this data appears to be from a number of Evolve’s banking partners, with Affirm, Branch, EarnIn, Marqeta, Melio, Mercury, and Wise currently confirming that they have customers affected by this incident.
“Out of an abundance of caution, we have issued email notifications to account holders about this incident, reminding them to monitor account activity and be vigilant in protecting their account credentials. We reassured them that the safety and security of the Branch platform and mobile applications was not compromised,” a spokesperson told the publication via email.
When Rockbit leaked data claiming to be from the Fed, many analysts said Rockbit was “desperate for attention” because of the massive disruption caused by Operation Kronos. said. But when we look at all the organizations affected, we may need to reconsider the “hopeless” part.