CyberSecurityBoard
Sponsor Register Login

LockBit Attack Targets Evolve Bank, Not Federal Reserve

Evolve Bank, a financial institution headquartered in Arkansas, was the victim of an attack by the LockBit ransomware group which resulted in a data leak onto the Dark Web this week.
LockBit had drawn attention to itself earlier this week after claiming to have hacked the US Federal Reserve.
The statement noted the company had contacted law enforcement authorities as part of the bank's investigation and response efforts.
The company added that retail banking customers' debit cards, online, and digital banking credentials did not seem to be affected by the breach.
Evolve Already Target of Fed Action Earlier this month, the Federal Reserve Board issued an enforcement action against Evolve Bancorp and Evolve Bank & Trust, accusing the company of deficiencies in their anti-money laundering, risk management, and consumer compliance programs.
Ai, said in an emailed statement that once an organization experiences a breach, and the smoke begins to clear, the biggest decision is what to do next.
That means that teams must find the attack path that allowed the breach to happen, and they need to uncover other attack paths that could enable it to happen again.
Financial Sector Defenses Must Evolve Piyush Pandey, CEO at Pathlock, says the recent enforcement action against Evolve Bancorp underscores the critical importance of robust sensitive data and application access controls within financial institutions.
He also points out that the interconnectedness and complexity of supply chains in the financial sector increases the difficulty of managing and securing third-party access.
He adds that by focusing on rigorous controls testing and enforcement, including stringent management of third-party identities and access, financial institutions can significantly strengthen their security posture, protect sensitive data, and ensure compliance with regulatory requirements.
Narayana Pappu, CEO at Zendata, notes that financial and medical institutions store significant amount highly sensitive data with significant monetary impact for exposed organizations.
From his perspective, data minimization - not capturing or storing data that is not needed - would help these institutions significantly.


This Cyber News was published on www.darkreading.com. Publication date: Fri, 28 Jun 2024 15:10:08 +0000


Cyber News related to LockBit Attack Targets Evolve Bank, Not Federal Reserve

LockBit claim about hacking U.S. Federal Reserve fizzles - The LockBit ransomware gang claimed it had breached the U.S. Federal Reserve, but it ultimately leaked data belonging to a single bank. On June 23, LockBit listed the U.S. Federal Reserve on its data leak site and claimed to have obtained roughly 33 ...
1 week ago Techtarget.com
LockBit lied: Stolen data is from a bank, not US Federal Reserve - Recently-disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit US Federal Reserve, the central bank of the United States. The tall claim was followed up with LockBit ...
1 week ago Bleepingcomputer.com
Federal Reserve "breached" data may actually belong to Evolve Bank - A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. You can imagine that everyone was anticipating the end of the countdown that ...
1 week ago Malwarebytes.com
U.S. Joins U.K. to Seize LockBit Site, Disrupt Massive Ransomware Variant - The U.S. Department of Justice has partnered with the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group. The LockBit ransomware group is one of the most active ...
4 months ago Americansecuritytoday.com
Hubris May Have Contributed to Downfall of Ransomware Kingpin LockBit - For all its vaunted success, the LockBit ransomware operation appears to have already been beset by problems when an international law enforcement effort led by the UK's National Crime Agency shut it down this week. Though it's likely that the dozens ...
4 months ago Darkreading.com
LockBit Claims Breaching the US Federal Reserve but Fails to Prove It - On June 23rd, LockBit announced breaching the US Federal Reserve System, while security experts remained skeptical. The Russian threat group claimed to exfiltrate 33 terabytes of banking information from the USA's central bank servers. After the ...
1 week ago Heimdalsecurity.com
Fintech company Affirm says Evolve Bank attack exposed customer info - Financial technology company Affirm told regulators this week that a cyberattack on a banking partner exposed customer information. Affirm - which runs one of the biggest buy now, pay later platforms - told the Securities and Exchange Commission on ...
5 days ago Therecord.media
LockBit Attack Targets Evolve Bank, Not Federal Reserve - Evolve Bank, a financial institution headquartered in Arkansas, was the victim of an attack by the LockBit ransomware group which resulted in a data leak onto the Dark Web this week. LockBit had drawn attention to itself earlier this week after ...
1 week ago Darkreading.com
Affirm says cardholders impacted by Evolve Bank data breach - Buy now, pay later loan company Affirm is warning that holders of its payment cards had their personal information exposed due to a data breach at its third-party issuer, Evolve Bank & Trust. Evolve is a large financial services provider specializing ...
5 days ago Bleepingcomputer.com
Evolve Bank confirms data breach after brazen LockBit claims - Arkansas-based Evolve Bank & Trust confirmed on Wednesday that hackers stole customer information and posted it on the dark web. Victims will be contacted with more information on free credit monitoring services, and some impacted customers will be ...
1 week ago Therecord.media
Evolve Bank Shares Data Breach Details as Fintech Firms Report Being Hit - Fintech companies Wise and Affirm have revealed that the recent data breach suffered by Evolve Bank impacts some of their customers. The notorious ransomware group LockBit recently threatened to leak data allegedly stolen from the US Federal Reserve. ...
5 days ago Securityweek.com
LockBit Ransomware Targets German Energy Agency Dena - Dena, the reputed German Energy Agency, is said to have fallen victim to the notorious LockBit ransomware group. The Dena cyberattack was revealed through a post on the threat actor's dark web platform, where they disclose data breach incidents and ...
6 months ago Heimdalsecurity.com
Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ...
4 months ago Krebsonsecurity.com
CyberCrime & Doing Time: Identification Documents: an Obsolete Fraud Countermeasure - When I'm talking to bankers and other fraud fighters, I often mention how easy it is for a criminal to obtain a Drivers License bearing any information they desire. In the new case, Brianna Mills, a 28-year old bank teller in Loganville, Georgia ...
4 months ago Garwarner.blogspot.com
Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
7 months ago Jdsupra.com
Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach - A ransomware attack against a large financial services provider has become a problem for many companies it works with, two of which have already alluded to potential negative impacts on customer data. The infamous LockBit group earned some undue ...
5 days ago Darkreading.com
Nationwide Banking Crisis: Servers Down, UPI Transactions in Jeopardy - Several bank servers have been reported to have been down on Tuesday, affecting Unified Payments Interface transactions throughout the country. Several users took to social media platforms and reported that they encountered issues while making UPI ...
4 months ago Cysecurity.news
Copycat Criminals mimicking Lockbit gang in northern Europe - Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks started using Lockbit locker variants. During the past months, the Lockbit gang reached very high popularity in the underground ecosystem. The ...
1 year ago Securityaffairs.com
Encore Bank Notifies Customers of Data Breach After Hackers Access an Employee Email Account - On January 31, 2024, Encore Bank filed a notice of data breach with the Attorney General of Massachusetts after discovering that an unauthorized party was able to gain access to an employee's email account. In this notice, Encore Bank explains that ...
5 months ago Jdsupra.com
LockBit attacks continue via ConnectWise ScreenConnect flaws - Exploitation of two critical ConnectWise vulnerabilities continues to mount, with many attacks attributed to ransomware gangs such as LockBit. Last month, ConnectWise disclosed an authentication bypass vulnerability, tracked as CVE-2024-1708, that ...
3 months ago Techtarget.com
LockBit Ransomware Gang's Website Shut Down - The U.K. National Crime Agency's Cyber Division, the FBI and international partners have cut off ransomware threat actors' access to LockBit's website, which has been used as a large ransomware-as-a-service storefront. According to CISA, LockBit was ...
4 months ago Techrepublic.com
CyberCrime & Doing Time: Classic Baggie: Part Three - He claimed he was selected as an independent contractor to rebuild a fleet of airplanes for KLM Royal Dutch Airlines, who had wired him $3.5 Million Euros into his Swiss bank account at Neue Privat Bank. His attorney, Phillip Richardson, said that he ...
5 months ago Garwarner.blogspot.com
Law enforcement trolls LockBit, reveals massive takedown - In an act of exquisite trolling, the UK's National Crime Agency has announced further details about its disruption of the LockBit ransomware group by using the group's own dark web website. Since the demise of Conti in 2022, LockBit has been ...
4 months ago Malwarebytes.com
Cops dismantled LockBit before latest variant hit market The Register - Law enforcement's disruption of the LockBit ransomware crew comes as the criminal group was working on bringing a brand-new variant to market, research reveals. As part of the daily LockBit leaks this week, Trend Micro's report on the group, ...
4 months ago Go.theregister.com
LockBit Remains Top Global Ransomware Threat - The LockBit ransomware strain continues to be the primary digital extortion threat to all regions, and almost all industries globally, according to a report by ZeroFox. Researchers found that LockBit was leveraged in more than a quarter of global ...
7 months ago Infosecurity-magazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)