Introduction
What Happened?
In late May 2024, Evolve Bank & Trust experienced operational disruptions that were initially suspected to be a hardware failure. However, further investigation revealed unauthorized activity within its systems. Evolve Bank & Trust swiftly engaged cybersecurity experts and initiated incident response protocols, successfully halting the cyberattack by May 31, 2024. Law enforcement was immediately notified, and external specialists were brought in to investigate the scope of the incident and restore system functionality.
The investigation revealed a ransomware attack orchestrated by the LockBit criminal organization. The breach originated when an employee inadvertently clicked a malicious link, granting the attackers access to Evolve Bank & Trust’s systems. While there is no evidence suggesting customer funds were accessed, the attackers did manage to access and download customer data from databases and file shares between February and May. Furthermore, some data encryption occurred within the bank’s environment. Fortunately, robust backups minimized data loss and operational impact. Evolve Bank & Trust made the firm decision not to pay the ransom. Subsequently, LockBit leaked the stolen data online, mistakenly attributing the breach to the Federal Reserve Bank.
Evolve Bank & Trust’s Response
Upon detection of the cybersecurity incident, Evolve Bank & Trust implemented immediate and comprehensive measures to secure its environment and protect customer data. These actions included:
- Global Password Resets: All system passwords were immediately reset as a precautionary measure.
- Identity Access Management (IAM) Reconstruction: Critical IAM components, including Active Directory, were rebuilt to enhance security.
- Enhanced Firewall and Security Appliances: Firewalls and dynamic security appliances were further hardened to prevent future intrusions.
- Endpoint Detection and Response (EDR) Deployment: Advanced EDR and other security tools were deployed to fortify the network’s defenses.
Evolve Bank & Trust is continuously working to strengthen its security response protocols, policies, and procedures to improve its ability to detect and effectively respond to any future security threats.
Impacted Information
The ongoing investigation confirms that files were downloaded from Evolve Bank & Trust’s systems. Current findings indicate that the compromised data includes:
- Names
- Social Security numbers
- Bank account numbers
- Contact information
This breach primarily affects personal banking customers and customers of Evolve Bank & Trust’s Open Banking partners. Regrettably, personal information of Evolve Bank & Trust employees was also likely impacted. Updated information released on August 27, 2024, further specifies that for a majority of personal, mortgage, trust, and small business banking customers, as well as Open Banking partners’ customers, the affected information includes names, Social Security numbers, Evolve account numbers, dates of birth, and contact information. A small percentage of these individuals also had debit card numbers compromised. Additionally, ACH transaction records, containing financial account numbers, routing numbers, and names of both payors and payees, were also included in the affected files.
The investigation is still underway to determine the full scope of impacted personal information, including data related to Business, Trust, and Mortgage customers.
Customer Support and Actions
Evolve Bank & Trust is dedicated to supporting all customers and partners affected by this cybersecurity incident. The bank has initiated a comprehensive notification process, commencing on July 8, 2024, to directly inform each individual whose personal information was compromised.
As part of its commitment to customer protection, Evolve Bank & Trust is offering affected individuals two years of complimentary credit monitoring and identity theft protection services. For U.S. residents, this is comprehensive credit monitoring and identity protection. International residents, where available, will receive dark web monitoring services. Notifications include detailed information about these services, registration instructions, and contact details for a dedicated call center established to assist with enrollment and address any questions related to the incident.
Important Email Notification Information: Official email notifications regarding this incident will only be sent from the following verified email addresses: [email protected] and [email protected]. Any email about this security incident that claims to be from Evolve Bank & Trust but originates from any other email address should be considered illegitimate.
Recommended Actions for Customers: Evolve Bank & Trust strongly encourages all personal banking customers and end-users of financial technology partners to take proactive steps to protect their information. These steps include:
- Account Monitoring: Regularly monitor your account activity for any unauthorized transactions.
- Credit Report Review: Obtain and carefully review your credit reports from Equifax, Experian, and TransUnion. You can access free credit reports at Freecreditreport.com.
- Fraud Alerts: Consider setting up free fraud alerts with the nationwide credit bureaus: Equifax, Experian, and TransUnion.
- Report Suspicious Activity: Immediately contact Evolve Bank & Trust if you suspect any fraudulent or suspicious activity.
If you believe you may be a victim of identity theft or fraud, you have the right to file a report with the Federal Trade Commission (FTC) or local law enforcement.
Federal Trade Commission Contact Information:
Federal Trade Commission
600 Pennsylvania Avenue, NW
Washington, DC 20580
(877) ID-THEFT (438-4338)
Conclusion
Evolve Bank & Trust deeply regrets the inconvenience and concern this cybersecurity incident has caused. The bank remains steadfast in its commitment to transparency, customer security, and maintaining the trust placed in Evolve Bank & Trust. For further information and answers to frequently asked questions, please visit the Frequently Asked Questions page or contact Evolve Bank & Trust directly at [email protected] or 833.947.1379. Evolve Bank & Trust appreciates your continued patience and understanding as it navigates this challenging situation.