Massive Data Breach at Evolve Bank Exposes Customer Information
A cyberattack at Evolve Bank and Trust has resulted in a massive data breach, with the theft of 33 terabytes of user data. While customer funds remain secure, sensitive customer information stored in the bank’s databases has been compromised. The breach has raised concerns about the security of personal data and has impacted various companies associated with the bank.
Evolve Bank’s Breach Impact on Bitfinex and Other Firms
The cyberattack has been attributed to the Russian ransomware group Lockbit, which has gained access to personal information of Bitfinex users and other individuals. The stolen data includes personally identifiable information (PII) such as names, addresses, social security numbers, account balances, and email addresses. Over 155.5k accounts linked to different firms like Bitfinex, Nomad, and Copper Banking are affected by the breach.
Response and Investigation by Evolve Bank
Evolve Bank acknowledged the breach after discovering unauthorized activity in late May, caused by an employee clicking on a malicious link. The bank acted swiftly to contain the attack, with no further unauthorized activity reported since May 31. Despite some data encryption by the threat actor, Evolve managed to minimize the impact on its operations due to backups. The bank refused to pay the ransom demanded by Lockbit and clarified that the data was erroneously linked to the Federal Reserve.
“The investigation is ongoing, but it appears that personal banking customers, Open Banking partners, and employees have been affected with exposed information including names, Social Security numbers, bank account details, and contact information.”
Delayed Notification and Impact on Fintech Companies
Following the breach, several fintech companies associated with Evolve Bank have alerted their customers about potential data compromise. However, reports indicate that Evolve delayed informing affected organizations and individuals until the breach was publicly disclosed. This delay in notification has raised concerns about transparency and timely communication in such security incidents.
Evolve Bank’s Efforts to Ensure Data Security
Evolve Bank has assured customers that steps are being taken to enhance data security and prevent future cyberattacks. The bank is working closely with cybersecurity experts to investigate the breach, strengthen security measures, and ensure the safety of customer information. Despite the challenges posed by the incident, Evolve remains committed to safeguarding customer data and maintaining trust in its financial services.
By
By
By
By
