Evolve Bank’s Investigation Finds LockBit’s Attack Impacted Over 7.6 Million Americans
Within a month of LockBit’s attack, Evolve Bank & Trust is sending notifications of the data breach to over 7.6 million Americans whose data was stolen. The bank’s investigation found that an employee clicked a malicious link, allowing a LockBit member to gain unauthorized access to the bank’s database and file shares. Learn more about the actions taken by the bank.
- Within a month of LockBit’s attack, Evolve Bank & Trust is sending notifications of the data breach to over 7.6 million Americans whose data was stolen.
- The bank’s investigation found that an employee clicked a malicious link, allowing a LockBit member to gain unauthorized access to the bank’s database and file shares.
Less than a month ago, LockBit, the notorious ransomware group, claimed that it had stolen 33TB of sensitive banking information from the US Federal Reserve. However, the data was proven to belong to Evolve Bank & Trust.
At the time of the breach, the bank had launched an investigation to gauge the scope and impact of the data breach. The investigation revealed that an employee clicked a malicious link, leading to a LockBit member gaining unauthorized access to the bank’s database and file shares. Evolve said that customer funds remained safe but admitted that the breach affected several fintech customers.
Now, the bank is sending notices of the data breach to over 7.6 million Americans whose data was stolen in this breach. The notice read, “On May 29, 2024, Evolve identified that some of its systems were not working properly. While it initially appeared to be a hardware failure, we subsequently learned it was unauthorized activity.”
While the compromise was discovered on May 29, the notification said that the initial breach occurred on February 9, which means LockBit had almost four months of dwell time in the bank’s network.
See more: Polyfill Supply Chain Attack Affects More Than 110,000 Websites
Evolve hasn’t disclosed the data types exposed in the sample letter submitted to the authorities. However, it is offering two years of identity protection and credit monitoring services for US residents and dark web monitoring services for international residents. Recipients should enroll for this offer by October 31 this year. Affected customers are advised to be cautious about unsolicited communications, closely monitor their credit history and account statements, and report any suspicious activity to authorities.
Talking about the breach, Dror Liwer, co-founder, Coro, told Spiceworks News & Insights, “We are seeing a massive increase in attacks on community banks and credit unions as they have the same sensitive information as the large financial institutions, with a fraction of the team size and resources needed for protection against attacks. The standard cybersecurity tools are simply not a good fit for a 400-employee bank that doesn’t have the budget or the team to acquire, integrate, manage, and maintain these tools, a fact attackers know well and exploit.”
Evolve has partnerships with entities like Shopify, Mercury, and Stripe. However, these organizations have yet to disclose whether the incident affected them.
MORE ON CYBER RISK MANAGEMENT
