{"id":165504,"date":"2024-07-09T20:49:42","date_gmt":"2024-07-09T20:49:42","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=165504"},"modified":"2024-07-09T20:49:43","modified_gmt":"2024-07-09T20:49:43","slug":"evolve-bank-data-breach-7-6m-people","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/165504\/cyber-crime\/evolve-bank-data-breach-7-6m-people.html","title":{"rendered":"Evolve Bank data breach impacted over 7.6 million individuals<\/gwmw>"},"content":{"rendered":"
<\/div>\n

The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 million individuals.<\/h2>\n\n\n\n

At the end of June, the LockBit gang announced<\/a> that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including \u201cAmericans\u2019 banking secrets.\u201d<\/p>\n\n\n\n

Despite the announcement, data leaked data from the group belongs to the Arkansas-based financial organization Evolve Bank & Trust.<\/p>\n\n\n\n

The analysis of the data leaked by the LockBit group on its Tor leak site on June 26 confirmed the documents belong to the Evolve Bank & Trust.<\/p>\n\n\n\n

Evolve Bank & Trust published a notice on its website to confirm the security breach and announced it has launched an investigation into the incident. The financial organization confirmed that certain personal information may have been compromised. The financial organization refused to pay the ransom and the gang leaked the stolen data.<\/p>\n\n\n\n

\u201cEvolve Bank & Trust is making retail bank customers and financial technology partners\u2019 customers (end users) aware of a cybersecurity incident that may involve certain personal information, as well as the actions we have taken in response, and additional steps individuals may take.\u201d reads the notice<\/strong><\/a> of Cybersecurity Incident. \u201cEvolve is currently investigating a cybersecurity incident involving a known cybercriminal organization that appears to have illegally obtained and released on the dark web the data and personal information of some Evolve retail bank customers and financial technology partners\u2019 customers (end users). We take this matter extremely seriously and are working diligently to address the situation.\u201d<\/em><\/p>\n\n\n\n

Evolve has reported the incident to law enforcement, it also added that the incident has been completely contained.<\/p>\n\n\n\n

An update published on June 26, 2024 12:00pm confirmed that the company\u2019s retail banking customers\u2019 debit cards, online, and digital banking credentials do not appear to be impacted.<\/p>\n\n\n\n

Now Evolve Bank & Trust started notifying more than 7.6 million individuals. According to a data breach notification filed with the Office of the Maine Attorney General, the security breach impacted 7,640,112 individuals.<\/p>\n\n\n\n

Evolve has identified no new unauthorized activity on its network since May 31.<\/p>\n\n\n\n

“On May 29, 2024, Evolve identified that some of its systems were not working properly. While it initially appeared to be a hardware failure, we subsequently learned it was unauthorized activity. Evolve promptly initiated its incident response processes and stopped the attack. No new unauthorized activity on Evolve\u2019s systems has been identified since May 31, 2024.” reads the data breach notification<\/a>. “An investigation with assistance from a cybersecurity firm was initiated to investigate what happened and what data may have been impacted. Evolve also notified law enforcement and worked to add further protections to harden its systems. What personal information was involved? There is no evidence that the threat actors accessed any customer funds, but it appears the threat actors did access and download customer information”<\/em><\/p>\n\n\n\n

Last week, Fintech firms Wise and Affirm confirmed<\/a> they were both impacted by the Evolve Bank security breach.<\/p>\n\n\n\n

Pierluigi\u00a0Paganini<\/strong><\/a><\/p>\n\n\n\n

Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n

(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, ransomware)<\/strong><\/gwmw><\/p>\n","protected":false},"excerpt":{"rendered":"

The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 million individuals. At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including \u201cAmericans\u2019 banking secrets.\u201d Despite the announcement, data leaked data […]<\/p>\n","protected":false},"author":1,"featured_media":4132,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,3],"tags":[88,182,15193,4112,9508,9506,10918,12931,687,841,1533],"class_list":["post-165504","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-cyber-crime","tag-cybercrime","tag-data-breach","tag-evolve-bank","tag-hacking","tag-hacking-news","tag-information-security-news","tag-it-information-security","tag-lockbit","tag-pierluigi-paganini","tag-security-affairs","tag-security-news"],"yoast_head":"\n杭州江阴科强工业胶带有限公司