Evolve Bank cyberattack exposes customer data and prompts US federal response
The timing of the breach highlights the pressing need for robust cybersecurity measures in financial institutions.
Arkansas-based Evolve Bank and Trust confirmed a cyberattack that led to customer data being leaked on the dark web. The cybercrime group Lockbit 3.0 claimed responsibility for the hack, demanding a ransom from the Federal Reserve. The bank has involved law enforcement in the investigation, providing free credit monitoring and identity theft protection to affected customers.
The breach follows a directive from the US Federal Reserve for Evolve to improve its risk management and compliance with anti-money laundering regulations. Additionally, Fintech company Mercury revealed that some of its customers’ account numbers and deposit balances were compromised, and those affected have been informed and given preventive measures.
Why does it matter?
The cyberattack on Evolve Bank exposed sensitive customer data to potential misuse, including identity theft and financial fraud. It highlights vulnerabilities in financial institutions’ cybersecurity defences, prompting data protection and regulatory compliance concerns.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.