Search This Blog

Powered by Blogger.

Blog Archive

Labels

Major Ransomware Attack Targets Evolve Bank, Impacting Millions

Evolve Bank ransomware attack exposes personal data of 7.64 million, highlighting the urgent need for cybersecurity.

 


An Arkansas-based financial services organization confirmed the incident on July 1 shortly after the ransomware gang published data it claimed had been stolen during the attack and published it on its website. According to the company, there was no payment made to the ransom demand, so the stolen data was leaked online due to the failure to pay the ransom. 

Additionally, the bank also reported that the attackers had exfiltrated personal information from some of the bank's customers, including their names, Social Security numbers, and the bank account numbers associated with their accounts, along with their contact information. One of the nation's largest financial institutions, Evolve Bank & Trust, has shared the news of a data breach posing a massive threat to all 7.64 million individuals impacted by the data breach. 

After a period of system outages started occurring at the Arkansas-based bank in late May, officials initially thought that a "hardware failure" had caused the outages, but an investigation revealed that the outages were caused by a cyberattack. It was confirmed by Evolve that hackers infiltrated the company's network as early as February. This could have had a significant impact on sensitive customer data. 

Understandably, the official notification letter filed with the Maine Attorney General avoids specific details. Still, it is worth noting that the bank has acknowledged that it has lost names, social security numbers, bank account numbers, and contact information. The Maine Attorney General's Office was informed by one of the financial institutions on Monday that the personal information about 7,640,112 individuals was compromised in the attack and that it would provide them with 24 months of credit monitoring and identity protection due to the breach. 

Also on Monday, Evolve Bank started sending out written notifications to the impacted individuals, explaining that the ransomware attack occurred on May 29 and that the attackers had access to its network since at least February. Evolve did not specify what types of data had been compromised in the filing, but it previously said in a statement on its website that attackers accessed the names, Social Security numbers, bank account numbers, and contact information belonging to its personal banking customers, the personal data of Evolve employees and information belonging to customers of its financial technology partners. 

There are several partners in this list, including Affirm, which recently made a statement assuring customers that the Evolve breach "may have compromised some personal information and data" of its customers." Evolve's partner Mercury, which offers fintech solutions to businesses, made a statement on X in regards to the data breach that affected "some account numbers, deposit balances, and business owner names as well as emails" that were exposed. 

The money transfer company Wise (formerly TransferWise) confirmed last week that there may have been an issue with the confidentiality of some of its customers' personal information. A statement by Evolve confirmed this week that the intrusion was the result of a ransomware attack that was instigated by the Russia-linked LockBit group. LockBit's administrator, who was disrupted earlier this year by a multigovernmental operation, is still at large. 

When the bank discovered the hacker had accessed its systems in May, it was able to identify the intrusion as an attack by hackers. It's no secret that LockBit made a deal with hackers to release the compromised data on its dark web leak site, which has since been revived after Evolve refused to pay the ransom demand.  This letter, sent to customers, expresses Evolve's concern over the hacking of its customer database and a file-sharing system during February and May 2024, during which data about customers was accessed and downloaded. 

RaaS groups, like this one, often deploy misinformation or disinformation campaigns alongside cyberattacks as part of their tactics to cause confusion and add maximum impact to their operations. As a result of the breach at Evolve, financial institutions can be reminded of the critical need for them to take robust cybersecurity measures to prevent data breaches in the future. 

A growing number of open banking platforms are on the rise and several RaaS attacks are ever-present, as well as a growing warning about data security threats. Institutions need to prioritize data security and implement strong access controls, encryption, and incident response protocols to ensure that their data is secure.
Share it:

Banks

Cyber Attacks

CyberCrime

Cyberhackers

Cybersecurity

CyberThreat

Rasomware Attack