BREAKING: Earlier this week, ransomware group LockBit claimed to have hacked 33TB of sensitive financial data from the Federal Reserve. However, the data actually comes from Evolve, a financial institution popular with fintech startups.

LockBit has since released the stolen data on the dark web. Evolve provides services for companies like Affirm, Alloy, Branch, Dave, EarnIn, Mastercard, Mercury, and Visa.

The hack includes full KYC data and images of identity credentials, putting the entire financial system at risk for fraud, not just Evolve's users.

This affects not only users of Evolve fintech programs like Stripe Treasury (including Shopify) but also anyone who has sent or received payments through them.

H/t Jason Mikula