Evolve Bank & Trust CyberSecurity Incident

Evolve Bank & Trust is a financial services provider that offers a full range of deposit and lending products to individuals and small businesses. Evolve Bank & Trust is headquartered in Tennessee and wholly owned by Evolve Bancorp Inc.

In late May 2024, Evolve Bank & Trust identified an issue with its systems that was initially thought to be a hardware failure. However, an investigation by cybersecurity specialists revealed it was unauthorized activity, specifically a ransomware attack by the criminal organization LockBit. As per the statement provided by Evolve Bank & Trust, the attack stopped by May 31, 2024, and external experts were engaged to investigate and help restore services. Law enforcement has been notified.

The investigation indicates that the attackers gained access through a malicious link clicked by an employee. While there is no evidence of access to customer funds, customer information was accessed and downloaded during February and May. The threat actor also encrypted some data, but backups were available and Evolve Bank & Trust experienced limited data loss and impact on their operations. The bank refused to pay the ransom, leading the attackers to leak the data they had obtained and mistakenly attribute it to the Federal Reserve Bank.

In a filing with Maine’s attorney general on July 08, 2024, Evolve confirmed that the personal data of at least 7.6 million people, including more than 20,000 customers based in Maine, was accessed during the incident. The investigation indicates that files containing sensitive data—including names, Social Security numbers, bank account details, and contact information of personal banking customers and Open Banking partners—were affected.

Affirm, an Evolve Bank & Trust partner, recently confirmed that the breach may have compromised some of its data and the personal information of its customers. Another fintech startup, Mercury, said in a post that the Evolve breach impacted some account numbers, deposit balances, business owner names, and emails. Evolve Bank & Trust is investigating potential impacts on information related to its Business, Trust, and Mortgage customers.

Since learning of the incident, Evolve Bank & Trust has taken actions to bolster its security measures:

  • Global password resets and reconstruction of critical Identity Access Management components such as Active Directory.
  • Enhanced firewall and dynamic security appliance configurations.
  • Deployment of endpoint detection and response tools to fortify network defenses.

What to do if you or your vendors have active relationships with Evolve Bank & Trust

Evolve Bank & Trust is directly notifying individuals whose personal information was affected by the incident. All customers and partners need to take proactive measures to protect their personal information and mitigate potential risks, including:

  • Monitor account activity closely for any unauthorized transactions or unusual activities.
  • Enroll in credit monitoring and utilize free fraud alerts provided by Equifax, Experian, and TransUnion. If fraud is suspected or unusual transactions are noticed, contact Evolve Bank & Trust promptly to report the issue.
  • In case of identity theft or fraud, a report should be filed with the Federal Trade Commission (FTC) or local law enforcement authorities. You can contact the FTC at:
    Federal Trade Commission
    600 Pennsylvania Avenue, NW
    Washington, DC 20580
    (877) ID-THEFT (438-4338)
    https://www.identitytheft.gov
  • For further information or additional questions, the Frequently Asked Questions page on Evolve Bank & Trust’s website provides detailed insights. Contact their dedicated Cyber Alert team at [email protected] or call 833.947.1379 for assistance.

Taking proactive measures is crucial to safeguard personal information and maintain security during this period of concern at Evolve Bank & Trust.
