Evolve Bank and Trust recently revealed a ransomware attack that resulted in the theft of 33 terabytes of user data, the exposure of sensitive information linked to over 150,000 accounts, and highlighted significant cybersecurity gaps.
Customer Deposits Disappear
Evolve Bank and Trust confirmed a significant data breach that led to the theft of 33 terabytes of user data. The bank was aware of the situation last month but only disclosed it to users last week.
The bank facilitated customer accounts for the fintech company Synapse, which declared bankruptcy in April. Following Synapse’s collapse, it is reported that $109 million in customer deposits held by several banks, including Evolve, for the fintech company Yotta, disappeared.
Ransomware Group Leaks Sensitive Data
The ransomware group Lockbit, responsible for the attack, demanded an undisclosed ransom, stating that initial negotiations had failed and suggesting that Evolve hire a new negotiator within 48 hours.
The group then leaked the stolen data, which included parental directories, torrents, and compressed archive files from Evolve Bank and Trust. Lockbit had previously threatened to release data from the Federal Reserve, claiming it contained American banking secrets.
As part of the data leak, Lockbit published a press release highlighting the Federal Reserve’s enforcement action against Evolve Bank. The bank had agreed to a cease and desist order in June after the Federal Reserve found it involved in unsafe and unsound banking practices, particularly in its fintech partnerships.
The bank did not pay the ransom and claimed that Lockbit misattributed the data to the U.S. Federal Reserve.
Delayed Notification and Data Content
Despite these events, Evolve Bank only notified affected fintech companies and end-users when the breach became public last week. The bank reported on Monday that its systems experienced unauthorized activity in late May caused by an employee clicking on a malicious link. Evolve claims it stopped the attack within days and has not observed further unauthorized activity since May 31.
The stolen data includes personally identifiable information (PII), such as names, addresses, Social Security numbers, tax ID numbers, birthdates, account balances, and email addresses. The data is linked to 155,586 accounts associated with companies, including Bitfinex, Nomad, and Copper Banking.
Reporting and Legal Actions
Jason Mikula of Fintech Business Weekly reported on the breach, noting Evolve Bank’s delay in notifying those affected. Mikula later received a cease and desist email from Evolve after his report, clarifying that he had no intention of sharing sensitive PII.
An anonymous executive affected by the breach reportedly requested from Mikula the leaked files, as they had not received confirmation from Evolve.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
No Comment! Be the first one.