HomeMalware & ThreatsEvolve Reveals Data Breach Involving 7.6M Individuals

Evolve Reveals Data Breach Involving 7.6M Individuals

Published on

spot_img

Evolve Bank & Trust recently made a shocking revelation that hackers managed to breach their systems and access the data of over 7.6 million individuals. This security incident was first detected in May, and the Arkansas-based bank has been dealing with the aftermath ever since.

The breach came to light after Evolve’s name appeared on the leak site associated with LockBit, a Russian-speaking ransomware-as-a-service operation, at the end of June. Since then, the bank has been transparent about the breach and has been working to address the situation.

According to the official disclosure from Evolve, the initial signs of a malicious breach were detected on May 29, initially attributed to a “hardware failure.” However, further investigation revealed that hackers had actually infiltrated the bank’s systems as far back as February. The company stated that no new unauthorized activity has been identified on their systems since May 31, 2024.

The total number of individuals affected by this breach is a staggering 7,640,112, including both Evolve clients and customers of its banking platform. Evolve Bancorp, the parent company, operates both a traditional bank and open banking services, catering to various fintech companies through banking as a service.

While Evolve did not specify the exact types of data that were compromised in the breach, they have confirmed that names, Social Security numbers, bank account numbers, and contact information were among the stolen information. This breach has had far-reaching consequences, as affected customers of Evolve, including prominent companies like Affirm and Wise, are now notifying their own customers about the breach.

The timing of this incident couldn’t have been worse for Evolve, as just before the breach was disclosed, the Federal Reserve Board had ordered the bank to enhance its anti-money laundering and risk management programs. Interestingly, LockBit initially claimed to have targeted the Federal Reserve itself, based on a stolen document that mentioned the “United States Federal Reserve.” However, it was later clarified that the actual victim was Evolve Bank & Trust.

In the aftermath of this breach, Evolve is working tirelessly to mitigate the damage and enhance its security measures to prevent similar incidents in the future. The financial industry as a whole is closely watching how Evolve handles this situation and reinforces its cybersecurity defenses to protect both their own interests and those of their customers.

Overall, this breach serves as a stark reminder of the constant threat posed by cybercriminals and the critical importance of robust cybersecurity measures in safeguarding sensitive data. As Evolve and other organizations work to recover from such incidents, it underscores the necessity of proactive security measures and swift incident response protocols to minimize the impact of data breaches on individuals and businesses alike.

Source link

Latest articles

OAuth Client ID Spoofing Allows Attackers to Validate Stolen Microsoft Entra Credentials

New Technique in Cybersecurity: OAuth Client ID Spoofing Poses Threat to Cloud Environments In an...

Industry Response to Gold Eagle Vulnerability Management Plan

The tech industry is currently navigating a landscape of cautious optimism following the U.S....

23andMe Encounters New Security Requirements in $18 Million Data Breach Settlement

Major Settlement Reached Between 23andMe and Coalition of Attorneys General In a significant development stemming...

CISOs Warn That Boardrooms Still Struggle to Understand the Human Cyber Risk Amplified by AI

The Growing Disconnect Between European CISOs and C-suite Awareness of Cyber Risks Recent research has...

More like this

OAuth Client ID Spoofing Allows Attackers to Validate Stolen Microsoft Entra Credentials

New Technique in Cybersecurity: OAuth Client ID Spoofing Poses Threat to Cloud Environments In an...

Industry Response to Gold Eagle Vulnerability Management Plan

The tech industry is currently navigating a landscape of cautious optimism following the U.S....

23andMe Encounters New Security Requirements in $18 Million Data Breach Settlement

Major Settlement Reached Between 23andMe and Coalition of Attorneys General In a significant development stemming...