Evolve Bank and Trust Massive Data Breach
Notice: This page is a freshly imported case study from an original repository. While the original content had a similar format, some sections may not have been fully completed. Please help fill in any empty sections or any missing information you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!
In late May 2024, Evolve Bank & Trust, with customers including Bitfinex, Nomad, and Copper Banking, identified some of its systems that were not working properly. While it initially appeared to be a hardware failure, they subsequently engaged cybersecurity specialists to investigate and determined that unauthorized activity may have been the cause. They promptly initiated an incident response processes, stopped the attack within days, and have seen no new unauthorized activity since May 31, 2024. The incident was reported to law enforcement and they have offered various identity protection services to affected custoemrs.[1][2][3][4][5][6][7][8][9]
About Evolve Bank And Trust
"Welcome to Evolve Bank & Trust Your Financial Success. Evolved. Best-in-class financial technology solutions delivering personal and business success. Powering the future of banking."
"Founded in 1925, Evolve Bank & Trust started as a small bank helping develop farming towns in eastern Arkansas. Since that time, we have evolved into a national best-in-class financial services institution that combines the expertise of a bank and the power of technology to offer our clients unique profitable solutions. Evolve is committed to our core values of integrity, financial strength, and operational excellence in all areas of our business."
"Evolve proudly commits resources to community organizations that drive the success of our neighborhoods. To achieve this, we support initiatives and organizations connected to economic development, financial literacy, youth development, health and human services, the arts, and culture. Every year, our Evolve associates volunteer with local non-profit agencies that are serving areas with the most need."
"At Evolve Bank & Trust, we strive to create an environment where employees and customers are valued and appreciated. We are committed to maintaining a culture inclusive of different viewpoints, thoughts, opinions, and ideas where everyone is welcome, and diversity is embraced. In our world of diversity, we see strength and the individualism that each person is encouraged to contribute to the greater good. We are committed to fostering inclusion and diversity at local, regional, and even global levels, whether through work within our core teams or by way of organizations, volunteer opportunities, round-table discussions, or workshops."
The Reality
This sections is included if a case involved deception or information that was unknown at the time. Examples include:
- When the service was actually started (if different than the "official story").
- Who actually ran a service and their own personal history.
- How the service was structured behind the scenes. (For example, there was no "trading bot".)
- Details of what audits reported and how vulnerabilities were missed during auditing.
What Happened
There was unauthorized access prior to May 31st, 2024.
| Date | Event | Description |
|---|---|---|
| May 31st, 2024 | No Further Unauthorized | No further unauthorized activity is noted after this point. |
| July 1st, 2024 11:40:33 AM MDT | Protos Article Published | Protos publishes an article about the data breach. |
| July, 2024 | Update Posted | Evolve posts an update to inform that they continue to "work around the clock to respond to the recent cybersecurity incident". |
| July 3rd, 2024 | Update Posted | Evolve posts an update to inform that they expect to start individual notifications on July 8th. |
Technical Details
"Crypto-friendly Evolve Bank and Trust has admitted that it has known about ‘unauthorized activity’ — specifically the theft of 33 terabytes of user data — for the past month despite only notifying end users about the breach last week."
Total Amount Lost
"The data stolen from Evolve Bank reportedly includes personally identifiable information (PII), such as names, addresses, social security and tax ID numbers, dates of birth, account balances, and email addresses. The data reportedly comes from 155,586 accounts linked to firms including Bitfinex, Nomad, and Copper Banking."
No funds were lost.
Immediate Reactions
"On July 1, according to Protos, the crypto-friendly bank Evolve Bank & Trust recently admitted that despite discovering "unauthorized activity"—specifically, the theft of 33 TB of user data—a month ago, they only publicly disclosed the incident last week. Reportedly, the stolen data pertains to 155,586 accounts associated with companies like Bitfinex, Nomad, and Copper. The bank stated that the data breach was due to an employee clicking on a malicious link and that the attack was halted within a few days, with no further unauthorized activity detected."
Ultimate Outcome
"Evolve is on schedule to commence individual notifications starting July 8, 2024. These notifications will include an offer of two years of comprehensive credit monitoring and identity protection services for U.S. residents, while international residents will be offered dark web monitoring services where available. Additionally, the notices will provide detailed information on these services, along with instructions for registration and contact details for our dedicated call center, established to assist with enrollment and address any inquiries related to the incident.
Our initial round of notifications is expected to be completed over approximately two weeks. As previously mentioned, our investigation is ongoing, and we anticipate subsequent, smaller rounds of notifications.
We appreciate your ongoing patience throughout this process and regret any inconvenience caused by this incident."
Total Amount Recovered
There do not appear to have been any funds recovered in this case.
What funds were recovered? What funds were reimbursed for those affected users?
Ongoing Developments
What parts of this case are still remaining to be concluded?
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- ↑ SlowMist Hacked - SlowMist Zone (Accessed Jul 5, 2024)
- ↑ 外媒:Evolve Bank在攻击事件中泄露了Bitfinex、Copper、Nomad用户的个人数据 - PANews (Accessed Jul 5, 2024)
- ↑ Evolve Bank leak has personal data of Bitfinex, Copper Banking, Nomad users (Accessed Jul 5, 2024)
- ↑ Cybersecurity Incident | Evolve Bank & Trust (Accessed Jul 5, 2024)
- ↑ @mikulaja Twitter (Accessed Jul 5, 2024)
- ↑ Evolve Hack Crisis: Russia-Linked Cybergang Leaks Records On Millions (Accessed Jul 5, 2024)
- ↑ Customer data from crypto-friendly Evolve Bank leaked by Lockbit (Accessed Jul 5, 2024)
- ↑ @mikulaja Twitter (Accessed Jul 5, 2024)
- ↑ Cybersecurity Incident | Evolve Bank & Trust (Accessed Jul 5, 2024)