Here’s more information falling out of Evolve Bank’s fiasco

I recently blogged a diatribe about LockBit and the fact they lied about who they potentially breached.

Now we’re learning that companies, including affirm, are also affected.

According to the article we’ll be linking to, several different companies are affected.

Can you name them? Send your guesses in and don’t read past this point unless you’ve guessed first.



The paragraph with the answer says:

Evolve lists a series of companies on its site as partners that rely on the banking giant to offer some of their financial and lending services. To understand the impact of the Evolve breach on these companies, TechCrunch reached out to Affirm, Airwallex, Alloy, Bond, Branch, Dave, EarnIn, Marqeta, Mastercard, Melio, Mercury, PrizePool, Step, Stripe, TabaPay and Visa.

I’m actually surprised on two of these, Stripe and Visa. While most consumers don’t deal with Visa directly, this could actually be a bit of a concern, although they do issue cards to various banks like Capital One as an example. I have the same comment about mastercard too. The others I have not heard of, but affirm Terry has discussed at times so I know who they are.

Several companies weighed in, including several after press time as the article was updated since initial publication. I’m reading from that version.

Only Affirm, EarnIn, Marqeta and Melio responded to the request for comment.

Now, let’s see what each company said about themselves.

Affirm spokesperson Matt Gross told TechCrunch that the company is investigating the incident and “will communicate directly with any impacted consumers as we learn more.”

Affirm also alerted its customers in a post on X, writing that the Evolve breach “may have compromised some data and personal information” of Affirm customers. The company also said that it’s safe to use its card and Money Accounts, and that its investigation into the impact of the breach is still ongoing.

EarnIn spokesperson Stephanie Borman said that the company is “aware of this incident and monitoring it closely.”

Marqeta spokesperson Kelly Kraft told TechCrunch that the company is aware of the breach, and that “Evolve supports a small part of our overall business.”

“Our customers affected by this incident have been notified, and we are working closely with Evolve to understand their remediation effort and how our mutual customers may be impacted,” Kraft said in an email.

Melio co-founder and CEO Matan Bar told TechCrunch that the company is aware of the breach and “diligently working with them to determine if Melio or any of our customers were impacted by it. We will keep our customers informed with any relevant information as we learn more. There have been no disruptions to Melio’s operations as a result of this incident.”

Another Evolve partner, the fintech startup Mercury, said on X that the Evolve breach impacted records associated with the company, “including some account numbers, deposit balances, business owner names, and emails.”

As for evolve, I don’t understand why they haven’t just been shut down because of how ignorant they are.

If you’ve not read from the LockBit article, take this pill and swallow it whole.

Evolve has made headlines recently for other matters related to its fintech partnerships. On June 14, the Federal Reserve ordered Evolve Bank “to bolster its risk management programs around fintech partnerships as well as anti-money laundering laws.”

According to a statement by the Fed, examinations conducted in 2023 found that Evolve “engaged in unsafe and unsound banking practices by failing to have in place an effective risk management framework for those partnerships” with financial technology companies.

The bank has also been associated with the meltdown of banking-as-a-service startup Synapse, which provided a service that allowed others — mainly fintechs — to embed banking services into their offerings. When Synapse filed for bankruptcy this year and an attempted rescue acquisition of its assets by TabaPay fell through, the company pointed blame at its partner bank, Evolve — a saga that continues to play out.

I bet we’re going to learn more about these stupid jackasses, in due time. I tell you what, if I had a relationship with this bank, I’d be cutting my ties with them.

“Until you show me you care about cybersecurity, fuck you.”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.