Trust and Security Center
As a security company, StackAware takes its own cybersecurity posture seriously. As an early stage startup, we rely heavily on no- and low-code platforms to facilitate rapid development of business logic. We seek to be as transparent as possible regarding the technological dependencies of our application so that customers can make informed risk management decisions.
We will continue to implement best practices, pursue third-party attestations and certifications, and provide additional information to customers and prospects.
Rightway Healthcare
Eleos Health
Embold Health
Scrut Automation
OnCorps
Reputation
Vendavo
TJC
Cobalt Robotics
IQNOX
4th party data breach - Evolve Bank & Trust
Mercury announced in March 2025 that it is transitioning out of its relationship with Evolve Bank & Trust. This transition is complete and StackAware now has no relationship (direct or indirect) with Evolve Bank & Trust.
On July 29, 2024, StackAware received the following update from Mercury:
"While we don’t have account-specific details, we share the following information with Evolve in the normal course of business and it’s likely that some of your company's data was included: name(s), phone numbers, addresses, and email addresses for businesses and their beneficial owners, overall account balance, business bank account numbers, business EIN, and certain transaction information, including: the entities you transact with and their information such as the sender and receiver’s address, account number, and transaction amounts."
Due to the methods by which StackAware receives payment from its customers, only a narrow portion of them were potentially impacted.
With that said, StackAware has notified all those who could have been affected directly, and is formally closing out this incident.
At 4:06pm Eastern Time on 26 June 2024, StackAware received an alert from one of its vendors, the financial technology company Mercury.
Mercury wrote:
"We recently became aware of a cybersecurity attack that breached the security systems of one of our partner banks, Evolve Bank & Trust, and leaked their records, including some account numbers, deposit balances, business owner names, and emails associated with Mercury and other fintech accounts."
StackAware immediately inquired of Mercury as to whether StackAware customer or business partner information was involved in the breach, to which Mercury replied it was still investigating the incident.
We will issue an update clarifying if anything more than just StackAware's information was impacted by this breach as soon as we hear from Mercury.
4th party data breach - Mixpanel
At 1:59 AM on November 27, 2025, StackAware received a notification from OpenAI that their service provider, Mixpanel, had suffered a security incident.
StackAware does not directly use Mixpanel as a service provider, nor did this breach impact any StackAware customer data. We are providing this information purely for the purposes of transparency.
The following StackAware employee information was exposed to an unauthorized party, however, according to OpenAI:
- Name on OpenAI API account
- Email address associated with the OpenAI API account
- Approximate coarse location based on OpenAI API user browser (city, state, country)
- Operating system and browser used to access the OpenAI API account
- Referring websites
- Organization or User IDs associated with the OpenAI API account
Please see the OpenAI notification for details.
StackAware considers this matter to be closed.