BleepingComputer

2024-05-29 [vendor] Evolve Bank & Trust banking platform [malware] LockBit ransomware

Incident Details

Evolve Bank & Trust, an Arkansas-based fintech banking partner, was attacked by the LockBit ransomware gang in late May 2024. An employee clicked a malicious link, granting attackers access. LockBit exfiltrated 33 TB of data including personal data on 7.6 million Americans — names, Social Security numbers, dates of birth, account numbers, and ACH transaction records. The bank declined to pay the ransom; LockBit partially leaked the stolen data. Open banking partners such as Affirm, Wise, and Mercury were also impacted. A proposed $11.85 million class action settlement was reached. The Federal Reserve issued an enforcement action against the bank in June 2024.

Technical Details

Initial Attack Vector: CWE-601: URL Redirection to Untrusted Site (phishing link clicked by employee)
Vendor / Product: Evolve Bank & Trust banking platform
Malware Family: LockBit ransomware

Timeline

2024-05-29 Breach occurred
2024-06-26 Publicly disclosed
2024-07-08 Customers notified