LockBit ransomware attack on Evolve Bank via US Federal Reserve

Evolve Bank, based in Arkansas, is currently investigating a potential cyber-attack on the servers of the Federal Reserve System, which may have exposed customer data. Reports indicate that a collection of records has surfaced on the dark web, linked to Evolve Bank & Trust customers, purportedly posted by the LockBit group across 21 web links.

Security analysts are divided on the authenticity and motives behind this data release. Some believe it’s a diversionary tactic, while others assert its connection to Evolve Bank, suggesting it stems from a failed ransom payment.

The situation escalated when the US Federal Reserve Board attempted to negotiate with the LockBit group through a ransom negotiator, offering $50,000, only to be rebuffed. The hackers are reportedly holding out for a much larger sum.

Evolve Bank faces significant risks as the hackers threaten to leak stolen data. The bank has enlisted forensic experts to mitigate the situation using various strategies, crucial for enhancing its risk management protocols, particularly in potential future partnerships.

Law enforcement agencies are advising against ransom payments, citing the encouragement of criminal behavior and the uncertainty of receiving decryption keys. Moreover, paying a ransom does not guarantee immunity from future attacks, as victims could be targeted again even after paying substantial sums.

The impact of Operation Cronos on the LockBit group, which previously appeared formidable, remains a subject of interest amidst these developments.

On July 1st,2024 Affirm Holdings issued a press statement that the personal details of Affirm card users could have been compromised in Evolve Bank Data Breach that occurred via breach of US Federal Reserve.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display