Challenger bank Dave affected by data breach

The company said that malicious actors recently breached Waydev, a former third-party service provider for Dave, accessing passwords that were stored in hashed form, using bcrypt, an industry standard hashing algorithm. The breached data included names, physical and email addresses, phone numbers, and dates of birth. Credit card information, bank account numbers, social security numbers, and other sensitive data was not accessed. Officials at Dave said there is no evidence that actions were taken using the stolen data, according to a statement released to mobilepaymentstoday.com.

Waydev issued a timeline showing that the breach involved the unauthorized use of a GitHub OAth token. The hackers have posted the data and are attempting to sell the information, and Dave officials launched an investigation working with the FBI. The fintech also retained Crowdstrike in the investigation.

The Paypers is the Netherlands-based leading independent source of news and intelligence for professional in the global payment community.

The Paypers provides a wide range of news and analysis products aimed at keeping the ecommerce, fintech, and payment professionals informed about the latest developments in the industry.

Categories

Payments

Fraud and Fincrime

Fintech

Crypto, Web3 and CBDC

Regulations

M&A and Investments

Current themes

A2A Payments

Payment Orchestration

TradFi and DeFi Convergence

KYC, KYB and Digital Identity