The alternative investment platform Yieldstreet is the latest company to reveal that its customers were affected by the recent data breach at Evolve Bank and Trust, TechCrunch has exclusively learned.
On Tuesday, Yieldstreet spokesperson Clare Burrows confirmed to TechCrunch that “some Yieldstreet customer information may have been impacted” as a consequence of the Evolve breach.
“We have communicated this to all potentially affected customers and continue to follow best practices regarding third-party cybersecurity incidents,” Burrows said in an email.
Burrows declined to say exactly what kind of customer information was stolen, nor how many customers were affected.
Last week, Evolve, which is a popular financial institution for fintech startups, announced that a cyberattack affected “the data and personal information of some Evolve retail bank customers and financial technology partners’ customers.”
As of this writing, the following companies have confirmed to TechCrunch that their customers were affected by the Evolve breach: Affirm, Branch, EarnIn, Marqeta, Melio, Mercury, Yieldstreet and Wise.
On Monday, Jason Mikula, a fintech reporter, wrote on X that Branch, an Evolve partner, notified customers that it was affected by the Evolve incident.
A Branch spokesperson told TechCrunch on Tuesday that the company “continues to work with Evolve to understand the scope and the impact this incident may have on Branch account holders.”
“Out of an abundance of caution, we issued an email notification to account holders about the incident and urged them to exercise vigilance in monitoring account activity and protecting their account credentials. We also reassured them that the safety and security of the Branch platform and mobile application had not been compromised,” the spokesperson wrote in an email.
Mikula also reported that Juno, a crypto service company, and Yotta, a fintech company, were also affected by the Evolve breach. In his newsletter Fintech Business Weekly, Mikula reported having reviewed stolen data from Evolve, which was posted online by the cybercrime gang Lockbit. Lockbit has claimed responsibility for the hack. According to the data, Mikula wrote, the following companies may have also been affected: Bitfinex, BrightSide, Copper, Dave, Fund That Flip, Juno, Mercury, Nomad, Rho, and SoLo Funds.
None of the above companies responded to TechCrunch’s request for comment, except for SoLo, which declined to comment.
It’s likely that we still don’t know of several other companies. When reached by TechCrunch, Evolve spokesperson Eric Helvie declined to say how many of the bank’s partner companies or clients were affected by the breach. Instead, Helvie referred us to Evolve’s blog post regarding the incident.
You Might Also Like
Fizz, the anonymous Gen Z social app, adds a marketplace for college students
Teddy Solomon just moved to a new house in Palo Alto, so he turned to the Stanford community on Fizz...
HealthEquity says data breach is an ‘isolated incident’
On Tuesday, health tech services provider HealthEquity disclosed in a filing with federal regulators that it had suffered a data...
Roll20, an online tabletop role-playing game platform, discloses data breach
The popular online tabletop and role-playing game platform Roll20 announced on Wednesday that it had suffered a data breach, which...
Fisker asks bankruptcy court to sell its EVs at average of $14,000 each
Fisker has a willing buyer for its remaining inventory of all-electric Ocean SUVs, and has asked the Delaware Bankruptcy Court...