_umkinpie_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop "Evolve Bank & Trust Reports 7M Affected in LockBit Breach")
Evolve Bank & Trust recently revealed in a disclosure to the Maine Attorney General that a whopping 7,640,112 individuals fell victim to a data breach that occurred back in May. This breach exposed a vast number of people to potential identity theft and fraud, causing concern among customers and industry experts alike.
According to the notice of data breach letter submitted by Evolve, the company initially believed that certain systems were malfunctioning due to hardware issues. However, further investigation revealed that there was unauthorized activity taking place within their network. This unauthorized access ultimately led to the extraction of sensitive customer information from the company’s database and file share.
In response to the breach, Evolve enlisted the help of third-party cybersecurity experts to conduct a thorough investigation into the incident. The company confirmed that while the hackers were able to access and download customer data, they did not manage to breach customer funds directly. The breach was attributed to the notorious LockBit ransomware group, who claimed responsibility for the attack and threatened to leak 33TB of data unless a ransom was paid. Upon the release of some of the stolen data, it became apparent that the information belonged to Evolve rather than the US Federal Reserve, as initially claimed by the hackers.
The compromised data varied from person to person, potentially including sensitive details such as names, Social Security numbers, dates of birth, and other personal and account information. This breach had far-reaching implications, extending beyond just Evolve’s customers. High-profile companies like Wise and Affirm, both of which had previously cut ties with Evolve, were also impacted by the breach, according to SEC filings.
In light of this breach, Evolve has been dedicated to notifying affected individuals promptly and providing them with resources to safeguard their personal information. The company advises users to monitor their account statements and credit histories vigilantly and offers a complimentary 24-month membership to TransUnion’s credit monitoring and identity theft protection services for those impacted. Additionally, Evolve extends fraud assistance to users who may have fallen victim to fraudulent activities as a result of the breach.
As the fallout from this data breach unfolds, the banking and cybersecurity industries are closely observing the incident for potential implications on data security practices. The breach serves as a stark reminder of the ever-present threat of cyberattacks and the importance of robust cybersecurity measures to protect sensitive customer information. Evolve Bank & Trust faces the challenging task of rebuilding trust with its customers and partners in the wake of this significant security incident.