HomeMalware & ThreatsEvolve Reveals Data Breach Involving 7.6M Individuals

Evolve Reveals Data Breach Involving 7.6M Individuals

Published on

spot_img
Evolve Reveals Data Breach Involving 7.6M Individuals

Evolve Bank & Trust recently made a shocking revelation that hackers managed to breach their systems and access the data of over 7.6 million individuals. This security incident was first detected in May, and the Arkansas-based bank has been dealing with the aftermath ever since.

The breach came to light after Evolve’s name appeared on the leak site associated with LockBit, a Russian-speaking ransomware-as-a-service operation, at the end of June. Since then, the bank has been transparent about the breach and has been working to address the situation.

According to the official disclosure from Evolve, the initial signs of a malicious breach were detected on May 29, initially attributed to a “hardware failure.” However, further investigation revealed that hackers had actually infiltrated the bank’s systems as far back as February. The company stated that no new unauthorized activity has been identified on their systems since May 31, 2024.

The total number of individuals affected by this breach is a staggering 7,640,112, including both Evolve clients and customers of its banking platform. Evolve Bancorp, the parent company, operates both a traditional bank and open banking services, catering to various fintech companies through banking as a service.

While Evolve did not specify the exact types of data that were compromised in the breach, they have confirmed that names, Social Security numbers, bank account numbers, and contact information were among the stolen information. This breach has had far-reaching consequences, as affected customers of Evolve, including prominent companies like Affirm and Wise, are now notifying their own customers about the breach.

The timing of this incident couldn’t have been worse for Evolve, as just before the breach was disclosed, the Federal Reserve Board had ordered the bank to enhance its anti-money laundering and risk management programs. Interestingly, LockBit initially claimed to have targeted the Federal Reserve itself, based on a stolen document that mentioned the “United States Federal Reserve.” However, it was later clarified that the actual victim was Evolve Bank & Trust.

In the aftermath of this breach, Evolve is working tirelessly to mitigate the damage and enhance its security measures to prevent similar incidents in the future. The financial industry as a whole is closely watching how Evolve handles this situation and reinforces its cybersecurity defenses to protect both their own interests and those of their customers.

Overall, this breach serves as a stark reminder of the constant threat posed by cybercriminals and the critical importance of robust cybersecurity measures in safeguarding sensitive data. As Evolve and other organizations work to recover from such incidents, it underscores the necessity of proactive security measures and swift incident response protocols to minimize the impact of data breaches on individuals and businesses alike.

Source link

Latest articles

Crowdstrike confirms Microsoft Windows outage not a cyber attack

Millions of PCs running Windows 10 and 11 Operating Systems are currently grappling with...

Sunburst: US Judge Dismisses Majority of SEC Charges Against SolarWinds

In a recent development, a US judge has dismissed the majority of the accusations...

Mitigating Human Risk in Cybersecurity Goes Far Beyond Training

In the realm of cybersecurity, the human element often emerges as a prevalent risk...

A UK teenager has been arrested in connection to a global cybercrime group that targeted MGM Resorts

A teenager from Walsall, England, was arrested in connection with a cyber online crime...

More like this

Crowdstrike confirms Microsoft Windows outage not a cyber attack

Millions of PCs running Windows 10 and 11 Operating Systems are currently grappling with...

Sunburst: US Judge Dismisses Majority of SEC Charges Against SolarWinds

In a recent development, a US judge has dismissed the majority of the accusations...

Mitigating Human Risk in Cybersecurity Goes Far Beyond Training

In the realm of cybersecurity, the human element often emerges as a prevalent risk...
en_USEnglish