In May 2024, Evolve Bank & Trust published a notice, identifying a significant data breach arranged by the LockBit ransomware group. This breach affects over 7.6 million people, including Evolve employees, their personal banking customers, and customers of its financial technology partners. The information accessed includes names, Social Security numbers, bank account numbers, and contact information.
What Happened
Evolve Bank initially noticed some systems were not properly working, prompting an investigation. Cybersecurity specialists could determine the cause was due to unauthorized activity. A criminal organization gained access to their systems and could download customer information from databases during periods in February and May. The stolen data, which varies by individual, was subsequently made available on the dark web.
LockBit Ransomware
This data breach was the result of a ransomware attack from a Russia-linked LockBit gang. Ransomware is a type of malware that holds the victim’s data hostage unless they pay the ransom. Evolve Bank declined to pay cybercriminals’ ransom demand, leading to the public release of the stolen data. LockBit is known for threatening enterprises and government organizations to request financial payment in exchange for decryption.
Evolve Bank Fintech Partners
Evolve has at least 15 partners, including Mercury, Mastercard, Visa, and Affirm, all of which could have the adverse affects from the breach. All potential customers should monitor account activity and credit reports. Some of the partners have put out statements confirming the breach may have compromised some data and personal information.
What is Evolve Doing?
The bank assures no impact on the retail banking customers’ debit cards, online banking, and digital banking credentials. Through engaging law enforcement and cyber forensic experts, they believe that this incident has no ongoing threat. They have reset passwords globally, along with adding additional security appliances, and strengthening security tools. Evolve Bank will notify necessary individuals about this cybersecurity incident through email.
Contact a Data Breach Attorney
It is important to contact a data breach attorney to ensure you are protecting your rights, as data breaches invade your personal privacy. Attorneys can help victims obtain damages for unauthorized charges, damage to credit, cost of credit monitoring, and making sure all federal and state laws are being followed. Our experienced team is here to assist you in getting fair compensation. Maginnis Howard has three offices with locations in Charlotte, Raleigh, and Fayetteville. To reach an intake specialist, visit our contact page or submit an inquiry through our Live Chat feature. You may also call us at (919) 526-0450. We accept clients across the Carolinas.