Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

LockBit Attack Targets Evolve Bank, Not Federal Reserve

Evolve Bank, a financial institution headquartered in Arkansas, was the victim of an attack by the LockBit ransomware group which resulted in a data leak onto the Dark Web this week.
LockBit had drawn attention to itself earlier this week after claiming to have hacked the US Federal Reserve.
The statement noted the company had contacted law enforcement authorities as part of the bank's investigation and response efforts.
The company added that retail banking customers' debit cards, online, and digital banking credentials did not seem to be affected by the breach.
Evolve Already Target of Fed Action Earlier this month, the Federal Reserve Board issued an enforcement action against Evolve Bancorp and Evolve Bank & Trust, accusing the company of deficiencies in their anti-money laundering, risk management, and consumer compliance programs.
Ai, said in an emailed statement that once an organization experiences a breach, and the smoke begins to clear, the biggest decision is what to do next.
That means that teams must find the attack path that allowed the breach to happen, and they need to uncover other attack paths that could enable it to happen again.
Financial Sector Defenses Must Evolve Piyush Pandey, CEO at Pathlock, says the recent enforcement action against Evolve Bancorp underscores the critical importance of robust sensitive data and application access controls within financial institutions.
He also points out that the interconnectedness and complexity of supply chains in the financial sector increases the difficulty of managing and securing third-party access.
He adds that by focusing on rigorous controls testing and enforcement, including stringent management of third-party identities and access, financial institutions can significantly strengthen their security posture, protect sensitive data, and ensure compliance with regulatory requirements.
Narayana Pappu, CEO at Zendata, notes that financial and medical institutions store significant amount highly sensitive data with significant monetary impact for exposed organizations.
From his perspective, data minimization - not capturing or storing data that is not needed - would help these institutions significantly.

This Cyber News was published on www.darkreading.com. Publication date: Fri, 28 Jun 2024 15:10:08 +0000

Cyber News related to LockBit Attack Targets Evolve Bank, Not Federal Reserve

LockBit claim about hacking U.S. Federal Reserve fizzles - The LockBit ransomware gang claimed it had breached the U.S. Federal Reserve, but it ultimately leaked data belonging to a single bank. On June 23, LockBit listed the U.S. Federal Reserve on its data leak site and claimed to have obtained roughly 33 ...
1 year ago Techtarget.com LockBit

LockBit lied: Stolen data is from a bank, not US Federal Reserve - Recently-disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit US Federal Reserve, the central bank of the United States. The tall claim was followed up with LockBit ...
1 year ago Bleepingcomputer.com LockBit

Federal Reserve "breached" data may actually belong to Evolve Bank - A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. You can imagine that everyone was anticipating the end of the countdown that ...
1 year ago Malwarebytes.com LockBit

U.S. Joins U.K. to Seize LockBit Site, Disrupt Massive Ransomware Variant - The U.S. Department of Justice has partnered with the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group. The LockBit ransomware group is one of the most active ...
1 year ago Americansecuritytoday.com LockBit

Hubris May Have Contributed to Downfall of Ransomware Kingpin LockBit - For all its vaunted success, the LockBit ransomware operation appears to have already been beset by problems when an international law enforcement effort led by the UK's National Crime Agency shut it down this week. Though it's likely that the dozens ...
1 year ago Darkreading.com LockBit Ragnar Locker

LockBit Claims Breaching the US Federal Reserve but Fails to Prove It - On June 23rd, LockBit announced breaching the US Federal Reserve System, while security experts remained skeptical. The Russian threat group claimed to exfiltrate 33 terabytes of banking information from the USA's central bank servers. After the ...
1 year ago Heimdalsecurity.com LockBit

Fintech company Affirm says Evolve Bank attack exposed customer info - Financial technology company Affirm told regulators this week that a cyberattack on a banking partner exposed customer information. Affirm - which runs one of the biggest buy now, pay later platforms - told the Securities and Exchange Commission on ...
1 year ago Therecord.media LockBit

LockBit Attack Targets Evolve Bank, Not Federal Reserve - Evolve Bank, a financial institution headquartered in Arkansas, was the victim of an attack by the LockBit ransomware group which resulted in a data leak onto the Dark Web this week. LockBit had drawn attention to itself earlier this week after ...
1 year ago Darkreading.com LockBit

Affirm says cardholders impacted by Evolve Bank data breach - Buy now, pay later loan company Affirm is warning that holders of its payment cards had their personal information exposed due to a data breach at its third-party issuer, Evolve Bank & Trust. Evolve is a large financial services provider specializing ...
1 year ago Bleepingcomputer.com LockBit

Evolve Bank confirms data breach after brazen LockBit claims - Arkansas-based Evolve Bank & Trust confirmed on Wednesday that hackers stole customer information and posted it on the dark web. Victims will be contacted with more information on free credit monitoring services, and some impacted customers will be ...
1 year ago Therecord.media LockBit

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ...
1 year ago Krebsonsecurity.com LockBit

LockBit Ransomware Targets German Energy Agency Dena - Dena, the reputed German Energy Agency, is said to have fallen victim to the notorious LockBit ransomware group. The Dena cyberattack was revealed through a post on the threat actor's dark web platform, where they disclose data breach incidents and ...
1 year ago Heimdalsecurity.com LockBit

Evolve Bank Shares Data Breach Details as Fintech Firms Report Being Hit - Fintech companies Wise and Affirm have revealed that the recent data breach suffered by Evolve Bank impacts some of their customers. The notorious ransomware group LockBit recently threatened to leak data allegedly stolen from the US Federal Reserve. ...
1 year ago Securityweek.com LockBit

CyberCrime & Doing Time: Identification Documents: an Obsolete Fraud Countermeasure - When I'm talking to bankers and other fraud fighters, I often mention how easy it is for a criminal to obtain a Drivers License bearing any information they desire. In the new case, Brianna Mills, a 28-year old bank teller in Loganville, Georgia ...
1 year ago Garwarner.blogspot.com

Police arrest four suspects linked to LockBit ransomware gang - Previous arrests of Lockbit ransomware actors (some of them already charged for various offenses) include Mikhail Pavlovich Matveev (aka Wazawaka) in May 2023, Artur Sungatov and Ivan Gennadievich Kondratiev (aka Bassterlord) in February 2024, and ...
11 months ago Bleepingcomputer.com LockBit

Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
1 year ago Jdsupra.com

Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach - A ransomware attack against a large financial services provider has become a problem for many companies it works with, two of which have already alluded to potential negative impacts on customer data. The infamous LockBit group earned some undue ...
1 year ago Darkreading.com LockBit

LockBit attacks continue via ConnectWise ScreenConnect flaws - Exploitation of two critical ConnectWise vulnerabilities continues to mount, with many attacks attributed to ransomware gangs such as LockBit. Last month, ConnectWise disclosed an authentication bypass vulnerability, tracked as CVE-2024-1708, that ...
1 year ago Techtarget.com CVE-2024-1708 CVE-2024-1709 LockBit

Copycat Criminals mimicking Lockbit gang in northern Europe - Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks started using Lockbit locker variants. During the past months, the Lockbit gang reached very high popularity in the underground ecosystem. The ...
2 years ago Securityaffairs.com LockBit

LockBit Ransomware Gang's Website Shut Down - The U.K. National Crime Agency's Cyber Division, the FBI and international partners have cut off ransomware threat actors' access to LockBit's website, which has been used as a large ransomware-as-a-service storefront. According to CISA, LockBit was ...
1 year ago Techrepublic.com LockBit

Nationwide Banking Crisis: Servers Down, UPI Transactions in Jeopardy - Several bank servers have been reported to have been down on Tuesday, affecting Unified Payments Interface transactions throughout the country. Several users took to social media platforms and reported that they encountered issues while making UPI ...
1 year ago Cysecurity.news

Encore Bank Notifies Customers of Data Breach After Hackers Access an Employee Email Account - On January 31, 2024, Encore Bank filed a notice of data breach with the Attorney General of Massachusetts after discovering that an unauthorized party was able to gain access to an employee's email account. In this notice, Encore Bank explains that ...
1 year ago Jdsupra.com

Law enforcement trolls LockBit, reveals massive takedown - In an act of exquisite trolling, the UK's National Crime Agency has announced further details about its disruption of the LockBit ransomware group by using the group's own dark web website. Since the demise of Conti in 2022, LockBit has been ...
1 year ago Malwarebytes.com LockBit Cloak

Cops dismantled LockBit before latest variant hit market The Register - Law enforcement's disruption of the LockBit ransomware crew comes as the criminal group was working on bringing a brand-new variant to market, research reveals. As part of the daily LockBit leaks this week, Trend Micro's report on the group, ...
1 year ago Go.theregister.com LockBit

Police arrested four new individuals linked to the LockBit ransomware operation - “Europol supported a new series of actions against LockBit actors, which involved 12 countries and Eurojust and led to four arrests and seizures of servers critical for LockBit’s infrastructure.” reads the press release published by ...
11 months ago Securityaffairs.com LockBit