Lockbit Ransomware Attack Exposes Affirm Customers' Data

Pcmag 2 days ago

Despite an international takedown earlier this year, Lockbit affiliates breached Evolve Bank, thereby exposing some Affirm users.

The Lockbit ransomware group breached US-based Evolve Bank & Trust and published confidential data, the financial firm has shared. This week, the "buy now, pay later" service Affirm has acknowledged some of its customers' data was exposed as a result.

Evolve says the cyberattack occurred in late May this year after an Evolve employee clicked on a malicious link. About a month later, Evolve told Affirm that it had experienced a cybersecurity breach in which "a third party gained unauthorized access to personal information and financial information," according to a filing with the US Securities and Exchange Commission.

While Evolve says the breach has since been "contained," users with the Affirm Card, the company's debit card offering, had their data leaked because Evolve facilitates the cards. "Personal Information of Affirm Card users was compromised as part of Evolve's cybersecurity incident," Affirm states in the filing.

Affirm is still investigating the extent of the breach, but says its own IT systems were not infiltrated. Its debit cards are still active, but Affirm says it's ramping up its fraud monitoring efforts.

Evolve didn't pay Lockbit's ransom, so the encrypted data was made public. Evolve says it has its own backups and will see "limited data loss and impact on our operations" despite the attack.

As for Evolve's customers, the bank says Lockbit hasn't "accessed any customer funds," but did download Evolve customer information in February and May. Previously, Lockbit had erroneously claimed the Evolve breach was a breach of the US Federal Reserve.

Federal and international law enforcement agencies have been investigating and trying to shut Lockbit down for years. Six alleged Lockbit members have been charged so far, including an alleged senior leader. Authorities infiltrated the group's systems back in February, but this hasn't stopped the ransomware gang from reportedly spinning up new servers, leaking prior attack details, and conducting new attacks. Last month, the FBI said it has obtained over 7,000 Lockbit decryption keys so far and is working to help those impacted.