The situation surrounding a data breach that has affected an ever-increasing number of fintech companies has gotten even stranger. Evolve Bank & Trust announced last week that it had been hacked and confirmed that the stolen data had been posted on the dark web. Now Evolve has sent a cease and desist letter to the writer of a newsletter that covered the ongoing situation.
Jason Mikula, author of respected industry publication Fintech Business Weekly, told TechCrunch that he received a cease and desist letter from the bank telling him not to share files from the dark web with any suspected affected fintech companies.
Mikula told TechCrunch that he wasn’t actually doing such sharing, but he was offering to do so and saw some of the files. Viewing hacked information is a common practice among journalists when reporting on security breaches, as a way to confirm that a breach has occurred and what was taken.
In this case, Mikula said he is related to four people who have access to some of the files that were stolen during the breach and posted on the dark web, and have reviewed some of the data himself.
The crux of the problem is that not all affected fintechs have received details of what information was stolen in the breach, according to Mikula’s industry sources.
“As I understand it, some fintechs had not received ‘confirmation’ from Evolve that it had been breached and thus had not acted to mitigate the risk or inform users,” Mikula told TechCrunch.
Mikula believes that “seeing the files would allow them to (1) confirm that the breach occurred and examples of the data fields involved and (2) allow them to identify the specific customers that were affected,” Mikula said. he.
Mikula was posting information on fintechs confirmed to be involved in X and reporting on it in his newsletter. So much so that X users like Parrot Capital have praised it. “Jason has provided better customer service to those affected by the Evolve Bank breach than anyone else,” Parrot posted on X.
Mikula said yesterday that he “woke up from C&D”. He added that he was reporting the situation responsibly and will continue to do so. TechCrunch has reached out to Evolve for comment.
Meanwhile, while Evolve was sending letters from lawyers to Mikula, on July 1, a group of senators publicly called on those involved with a troubled fintech, Synapse, to act. They want Synapse’s owners, its fintech and banking partners – including Evolve – to “immediately restore customers’ access to their money”. Synapse was forced to file for Chapter 7 bankruptcy in May, completely liquidating its business. Customers have been frozen ever since.
The senators implicated both the company’s partners and investors as being responsible for any missing client funds. The senators’ letter claims $65 million to $95 million worth of funds are missing, but Synapse and all the other players, including Evolve, claim that if that’s true, they’re not responsible. Everyone is pointing fingers at others.
The letter was addressed to W. Scott Stafford, president and CEO of Evolve Bank & Trust, but was also sent to major investors in bankrupt banking-as-a-service startup Synapse, as well as the company’s main bank and fintech partners.
Want more fintech news in your inbox? Sign up for TechCrunch Fintech here.
Want to get in touch with a tip? Email me at maryann@techcrunch.com or send me a message on Signal at 408.204.3036. You can also drop a note to the entire TechCrunch crew at tips@techcrunch.com. For more secure communications, click here to contact uswhich includes SecureDrop (instructions here) and links to encrypted messaging apps.