Not saying that this breach is somehow connected, but all of my Wise cards (both physical and virtual) got charged ($10, $100, $500) at random locations around the globe in May & June, and the method was manual entry. Some charges were declined initially because the expiry date was entered wrong on the first try (all of my cards coincidentally have an expiry date like 04/24 or similar), but the CVV was always correct. To make matters worse, all these charges were manually entered somewhere and NO approval notification (the thing that I get when I make any online txn, regardless of amount) ever popped up. I only noticed the declined txns in the evening when I went to check my phone after work.
Wise sent me an email this month that there was a breach at Evolve but all ties were broken with them and no data was affected. But this random rise of fraud txns was saying otherwise. Also, thankfully, the txns were declined due to insufficient funds (I only use Wise while travelling and add funds before departure), which gets me extra worried that those might have gone through if I had funds, even when all of those cards were frozen[1].
[1] This is my typical habit after one of my real credit cards with very high limits got charged thousands of Euros while I was out sick in hospital for a month, and I was then greeted by all these charges while I was barely able to sit still and still recovering. Thankfully, my credit card provider accepted my paperwork and removed (reversed?) those txns and immediately sent me a replacement card in a week and disabled my hacked card. Since then, I always keep my CC frozen and only use a proxy (Wise) with limited balance when doing txns online.
How do you know this, does Wise provide auth response data? (Merchants are not required to respect the CVV check, so it's possible for txns to go through with a non-matching CVV response code.)
I'm also curious about the lack of notifications. That would seem to indicate a level of account control beyond the cardholder data. Unless they were failed due to NSF before the notification step.
> How do you know this, does Wise provide auth response data?
Usually, for each transaction, Wise gives a small type detail, such as:
* manual entry: when I manually type in all details on a form
* saved-detail: when I preauthorized some vendor or processor to perform txn without further interactions (think quick checkout using PayPal)
* apple/google pay: when card is preauthorized in such
* chip and pin: means I entered the card physically on a machine and entered PIN
* contactless: means an NFC tap pay directly
Usually, all manual entry raises a notification, and all the fraud charges were manual entry minus the notifications (immensely unusual unless I used the card with that vendor frequently before) in very random places in a matter of days (one in California, followed by one in Tokyo). Then next time two in India followed by one in Vietnam. Then next week two in Malaysia followed by one in Bulgaria. And then several more.
While I freaked out because these vendors were entirely unknown to me and my cards were all frozen with no funds in balance, the lack of notification and the charges in a pattern (first $10, followed by $100 and then $500 or $250) were very odd.
In some cases a CVV can still result in a cheaper rate for the merchant on the transaction.
In other cases I've seen the lack of CVV entry result in my card provider triggering a curious 2FA-esque flow with my card provider (I can't remember the name for it), or in other cases, the card provider can just nope out (or trigger a fraud alert).
Same, just last week on my Wise account. "Manual entry". First a 0 USD "card check" was triggered, a couple of hours later transactions started going through.
I noticed a couple days later by accident, randomly checking my balance in the app. I got no notifications from Wise app at any time.
Thing is, although I have a physical Wise card, it was never used anywhere since the account was opened, so I suspected something was way off. Can't be stolen credit card info from some random store online, or ATM skimming etc.
While I don't know what all the possible ways to pull this off are, had a feeling I'd be reading about it on HN soon.
This breach, or some other breach, looks to me like someone has enough info to charge random Wise accounts.
I suspect that some more data has been breached than Wise wants to disclose, but the bad practices in the industry do not surprise me. It could be that the card provider for Wise is at fault here and not Wise directly, but the fact that charges still happen and get declined due to inadequate funds without notifications for approval (which always happens for me on manual entry unless I used a vendor several times for the same amount) for very random, never-before-used vendors around the globe in a short time should definitely trigger some fraud alerts.