News

Challenger bank Dave affected by data breach

Tuesday 28 July 2020 11:08 CET | News

US-based challenger bank Dave has confirmed that it was the victim of a data breach that impacted up to 7.5 million customers.

The company said that malicious actors recently breached Waydev, a former third-party service provider for Dave, accessing passwords that were stored in hashed form, using bcrypt, an industry standard hashing algorithm. The breached data included names, physical and email addresses, phone numbers, and dates of birth. Credit card information, bank account numbers, social security numbers, and other sensitive data was not accessed. Officials at Dave said there is no evidence that actions were taken using the stolen data, according to a statement released to mobilepaymentstoday.com.

Waydev issued a timeline showing that the breach involved the unauthorized use of a GitHub OAth token. The hackers have posted the data and are attempting to sell the information, and Dave officials launched an investigation working with the FBI. The fintech also retained Crowdstrike in the investigation. 

More: Link


Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Dave, challenger bank, US, United States, data breach, Waydev, TPP, bcrypt, GitHub Oath token, FBI, CrowdStrike
Categories: Banking & Fintech | Digital Identity, Security & Online Fraud
Countries: United States
This article is part of category

Banking & Fintech