Evolve Bank & Trust, known for its crypto-friendly stance, acknowledged a data breach involving 33 TB of information due to a LockBit ransomware attack, linked to a group of Russian hackers.
According to an updated statement, in late May, some of the bank’s systems malfunctioned due to “unauthorized activity.” It is believed that the perpetrators gained network access when an employee inadvertently clicked on a malicious link.
With the help of external experts, the bank’s team managed to halt the attack by May 31.
Evolve Bank did not pay the ransom, restored the encrypted data from backups, launched an investigation, and contacted law enforcement.
However, the hackers downloaded a trove of information and released it online. The files contain personal data of most clients and employees, including names, social security numbers, account numbers, and contact details. Evolve Bank assured that user funds are not at risk.
Reporters from Fintech Business Weekly (FBW) published a report on the incident a day before the bank’s official statement was edited. In just one file examined, they found 155,586 accounts from services like Bitfinex, Nomad, Copper Banking, Juno Finance, and others. A spot check confirmed the leaked information’s authenticity.
“I cannot recall a leak of such a volume of personal consumer and commercial financial data becoming public,” commented a cybersecurity expert to the publication.
FBW also noted that Evolve Bank failed to notify partner services of the incident as required. For instance, Mercury, Bilt, Affirm, Wise, and many others received notification only at the end of June.
The publication also highlighted that despite the absence of direct financial losses for users, the information disclosed by hackers threatens the security of many. One consultant described the data as a perfect “hunting list” for criminals.
Some clients of Evolve Bank and its partners may face blackmail due to the “sensitivity” of the disclosed information, FBW suggested.
Back in February, UK law enforcement partially seized LockBit’s infrastructure and arrested 200 cryptocurrency wallets linked to the group.