The recent data breach experienced by Evolve Bank has impacted Bitfinex and other platforms. The crypto-friendly financial institution disclosed a significant security incident involving the theft of 33 terabytes of user data. While customer funds remain secure, sensitive customer information stored in the bank&rsquos databases was likely accessed by hackers. Suspicious Activity The breach, attributed to the Lockbit ransomware group, apparently compromised personal data of Bitfinex users among others. The stolen data includes personally identifiable information such as names, addresses, social security numbers, tax IDs, dates of birth, account balances, and email addresses, affecting over 155.5k accounts associated with companies like Bitfinex, Nomad, and Copper Banking. Evolve Bank acknowledged a system malfunction in late May due to unauthorized activity, triggered when an employee unwittingly clicked on a malicious link. The bank claims it contained the attack quickly and observed no further unauthorized activity since May 31st. Damage Control Despite encrypting some data within its environment, Evolve managed to mitigate the impact using backups and opted not to pay the ransom demanded by Lockbit. The bank clarified that the ransomware group mistakenly linked the data to the Federal Reserve. The investigation is ongoing, with early findings indicating potential exposure of names, Social Security numbers, bank account details, and contact information for personal banking customers, as well as employees and Open Banking partners. Concerns have also been raised about Evolve Bank reportedly delaying notifying affected fintech companies and end users about the breach, which only became public knowledge recently.
Skip to content
