PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Lockbit Ransomware Attack Exposes Affirm Customers' Data

Despite an international takedown earlier this year, Lockbit affiliates breached Evolve Bank, thereby exposing some Affirm users.

Kate Irwin
 & Kate Irwin Reporter

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS
(Credit: Bloomberg/Contributor via Getty Images)

The Lockbit ransomware group breached US-based Evolve Bank & Trust and published confidential data, the financial firm has shared. This week, the "buy now, pay later" service Affirm has acknowledged some of its customers' data was exposed as a result.

Evolve says the cyberattack occurred in late May this year after an Evolve employee clicked on a malicious link. About a month later, Evolve told Affirm that the former experienced a cybersecurity breach where "a third party gained unauthorized access to personal information and financial information," according to a filing with the US Securities and Exchange Commission.

While Evolve says the breach has since been "contained," users with the Affirm Card, the company's debit card offering, had their data leaked because Evolve facilitates the cards. "Personal Information of Affirm Card users was compromised as part of Evolve's cybersecurity incident," Affirm states in the filing.

Affirm is still investigating the extent of the breach, but says its own IT systems were not infiltrated. Its debit cards are still active, but Affirm says it's ramping up its fraud monitoring efforts.

Recommended by Our Editors

Paying for Things With Your Phone Is About to Get a Lot Easier
Paying for Things With Your Phone Is About to Get a Lot Easier

Evolve didn't pay Lockbit's ransom, so the encrypted data was made public as a result. Evolve says it has its own backups and will see "limited data loss and impact on our operations" despite the attack.

As for Evolve's customers, the bank says Lockbit hasn't "accessed any customer funds," but did download Evolve customer information in February and May. Previously, Lockbit had erroneously claimed the Evolve breach was a breach of the US Federal Reserve.

Federal and international law enforcement agencies have been investigating and trying to shut Lockbit down for years. Six alleged Lockbit members have been charged so far, including an alleged senior leader. Authorities infiltrated the group's systems back in February, but this hasn't stopped the ransomware gang from reportedly spinning up new servers, leaking prior attack details, and conducting new ones. Last month, the FBI said it's obtained over 7,000 Lockbit decryption keys so far and is working to help those impacted.

About Our Expert

Kate Irwin

Kate Irwin

Reporter

I’m a reporter for PCMag covering tech news early in the morning. Prior to joining PCMag, I was a producer and reporter at Decrypt and launched its gaming vertical, GG. I have previously written for Input, Game Rant, Dot Esports, and other places, covering a range of gaming, tech, crypto, and entertainment news.

I’ve been a PC gamer since The Sims (yes, the original) in the CD-ROM days. I still think about my first-gen pink iPod mini, which, looking back, was not so mini. In 2020, I finally built my own custom Windows PC for gaming with a 3090 graphics card, but I also regularly use Mac and iOS devices. As a reporter, I’m passionate about documenting the wide world of tech and how it affects our daily lives.

My Areas of Expertise

  • Microsoft
  • Google
  • Artificial intelligence 
  • Cybersecurity
  • Video games are a big one. I specialize in shooters (Apex Legends, Fortnite, Overwatch) but I occasionally test out other genres as well, especially indie games or cozy games (The Sims series, Animal Crossing). 
  • The business and tech that powers video games
  • Cryptocurrency and blockchain technology
  • Social media platforms, including Meta’s apps, X/Twitter, Telegram, TikTok, etc.
  • Tech regulation

The Technology I Use

  • MSI gaming laptops
  • Nvidia graphics cards
  • AMD CPUs
  • MacBook Pro and Air laptops
  • An iPhone from 2019 (though I’m thinking about getting a “dumb phone” like the Light Phone)
  • Nintendo Switch
  • PlayStation 5
  • Freewrite Traveler 
  • At home: Sonos speakers (we have them all over the house), Philips Hue + Ring security products

Read the latest from Kate Irwin

Read full bio