In late May 2024, Evolve Bank & Trust identified a cybersecurity incident that has since been confirmed as a ransomware attack by the LockBit group.
The breach, resulting from an employee clicking a malicious link, led to unauthorized access and the downloading of sensitive customer information. The attack has impacted various entities, including Affirm and Wise, who partnered with Evolve for financial services.
Evolve Bank & Trust first noticed system irregularities in May 2024, initially attributing them to hardware issues. However, cybersecurity specialists later identified unauthorized activity as the cause. The attack was halted by May 31, 2024, with no new incidents reported since. Investigations revealed that the attackers accessed customer data from Evolve's databases and file shares in February and May, encrypting some data but causing limited operational disruption due to available backups.
Evolve has taken several steps to enhance security, including:
- Global password resets
- Reconstruction of critical Identity Access Management components
- Hardening of firewall and dynamic security appliances
- Deployment of endpoint detection and response tools
- Ultimately, the bank refused to pay the ransom, resulting in the attackers leaking the stolen data.
Misattributed initially to the Federal Reserve Bank, the leaked data included names, Social Security numbers, bank account numbers, and contact information of personal banking customers and Open Banking partners. Employee data was also likely affected, with further investigations ongoing to determine the extent of the breach involving business, trust, and mortgage customer information.
Affirm and Wise impacted
Affirm, an Evolve issuing partner for the Affirm Card, confirmed that its systems were not accessed. However, Affirm Card users' personal information may have been compromised. Affirm has intensified fraud and unauthorized use monitoring of its cards and advised users to report any suspicious activity.
Wise, which partnered with Evolve from 2020 to 2023, also reported that some customers' personal information might have been compromised. Wise has assured its customers that their account credentials, USD account details, and card information remain secure and separate from Evolve. Wise recommends vigilance against phishing and fraud attempts, urging customers to follow security best practices and place fraud alerts with credit bureaus if necessary.
Evolve Bank & Trust has committed to supporting affected customers by offering two years of free credit monitoring and identity theft protection. Notifications will be sent via email starting July 8, 2024, with details on enrolling in credit monitoring and accessing assistance through a dedicated call center.
Customers are advised to:
- Monitor account activity and credit reports.
- Set up free fraud alerts with credit bureaus (Equifax, Experian, and TransUnion).
- Report any suspicious activity immediately.
- File reports with the Federal Trade Commission or local law enforcement if they suspect identity theft.
Grindr Fined $6 Million for Sharing Sensitive User Data
Leave a Reply