Yieldstreet says some of its customers were affected by the Evolve Bank data breach
The alternative investment platform Yieldstreet is the latest company to reveal that its customers were affected by the recent data breach at Evolve Bank and Trust, TechCrunch has exclusively learned.Â
On Tuesday, Yieldstreet spokesperson Clare Burrows confirmed to TechCrunch that âsome Yieldstreet customer information may have been impactedâ as a consequence of the Evolve breach.Â
âWe have communicated this to all potentially affected customers and continue to follow best practices regarding third-party cybersecurity incidents,â Burrows said in an email.
Burrows declined to say exactly what kind of customer information was stolen, nor how many customers were affected.
Last week, Evolve, which is a popular financial institution for fintech startups, announced that a cyberattack affected âthe data and personal information of some Evolve retail bank customers and financial technology partnersâ customers.âÂ
As of this writing, the following companies have confirmed to TechCrunch that their customers were affected by the Evolve breach: Affirm, Branch, EarnIn, Marqeta, Melio, Mercury, Yieldstreet and Wise.Â
On Monday, Jason Mikula, a fintech reporter, wrote on X that Branch, an Evolve partner, notified customers that it was affected by the Evolve incident.Â
A Branch spokesperson told TechCrunch on Tuesday that the company âcontinues to work with Evolve to understand the scope and the impact this incident may have on Branch account holders.â
âOut of an abundance of caution, we issued an email notification to account holders about the incident and urged them to exercise vigilance in monitoring account activity and protecting their account credentials. We also reassured them that the safety and security of the Branch platform and mobile application had not been compromised,â the spokesperson wrote in an email.Â
Mikula also reported that Juno, a crypto service company, and Yotta, a fintech company, were also affected by the Evolve breach. In his newsletter Fintech Business Weekly, Mikula reported having reviewed stolen data from Evolve, which was posted online by the cybercrime gang Lockbit. Lockbit has claimed responsibility for the hack. According to the data, Mikula wrote, the following companies may have also been affected: Bitfinex, BrightSide, Copper, Dave, Fund That Flip, Juno, Mercury, Nomad, Rho, and SoLo Funds.Â
None of the above companies responded to TechCrunchâs request for comment, except for SoLo, which declined to comment.Â
Itâs likely that we still donât know of several other companies. When reached by TechCrunch, Evolve spokesperson Eric Helvie declined to say how many of the bankâs partner companies or clients were affected by the breach. Instead, Helvie referred us to Evolveâs blog post regarding the incident.