Looks like they provide enough for an actual ACH pull by the hackers
![O O ns2 ns2](/styles/black_responsive_orange/xenforo/smilies/O_o.png)
. Luckily I don't keep money in
Mercury, but here's their email from 8 hours ago:
-----------
We recently became aware of a cybersecurity attack that breached the security systems of one of our partner banks, Evolve Bank & Trust, and leaked their records, including some account numbers, deposit balances, business owner names, and emails associated with Mercury and other fintech accounts.
Mercury account credentials — including passwords — were not exposed (we do not share this information).
While we do not anticipate an increased risk of exposed Evolve account numbers being used fraudulently, Mercury is taking the following preventative steps to keep your funds secure:
- We have robust monitoring for suspicious ACH pulls. If you notice a fraudulent ACH pull initiated against you, please dispute the transaction as soon as possible. You can see recent ACH pulls here.
- You can further enhance the security on your accounts by enabling the ACH authorizations feature, which will flag any ACH pulls from unauthorized vendors and give you a chance to decline them before they are processed.
...
----------------