The Lockbit ransomware group has breached US-based Evolve Bank & Trust, leading to the exposure of confidential data, including that of Affirm’s customers. Affirm, a “buy now, pay later” service, confirmed that some of its customers’ information was compromised due to this incident.
The cyberattack occurred in late May when an Evolve employee clicked on a malicious link. Evolve disclosed the breach to Affirm about a month later, revealing that unauthorized access to personal and financial information had occurred. This was according to a filing with the US Securities and Exchange Commission.
Although Evolve has since contained the breach, users of the Affirm Card, a debit card facilitated by Evolve, had their personal information compromised. Affirm reassures that its IT systems were not infiltrated and that debit cards remain active. The company is enhancing its fraud monitoring efforts in response.
Evolve did not pay the ransom demanded by Lockbit, resulting in the public release of the encrypted data. Despite this, Evolve claims minimal data loss due to its backups and asserts no customer funds were accessed.
Lockbit has been under investigation by federal and international law enforcement agencies for years. Recent efforts have led to charges against six alleged members and the seizure of over 7,000 decryption keys by the FBI to assist affected parties.