LockBit Ransomware Targets Evolve Bank, Exposes Sensitive Data on Dark Web

Introduction

The LockBit ransomware group has targeted Evolve Bank, a financial institution headquartered in Arkansas, resulting in a significant data breach with information leaked onto the Dark Web. Initially, LockBit claimed to have hacked the US Federal Reserve, but it became clear that the actual target was Evolve Bank.

LockBit's Bold Claim and Data Leak

Earlier this week, LockBit made headlines by claiming to have hacked the US Federal Reserve, describing their haul as "33 terabytes of juicy banking information containing Americans' banking secrets." However, it was soon revealed that the stolen data came from Evolve Bank. This bold, some say desperate, move follows the recent high-profile law enforcement takedown of the ransomware group.

Evolve Bank's Response and Investigation

In a statement, Evolve Bank confirmed the breach, noting that personal identification information (PII) such as names, Social Security numbers, dates of birth, and account information was released on the Dark Web. The company has contacted law enforcement and assured customers that the breach has been contained and there is no ongoing threat. Fortunately, the breach did not affect retail banking customers' debit cards, online, or digital banking credentials.

Regulatory and Compliance Challenges

Evolve Bank was already under scrutiny from the Federal Reserve Board for deficiencies in their anti-money laundering, risk management, and consumer compliance programs. This enforcement action highlights the importance of robust sensitive data and application access controls within financial institutions.

Expert Insights on Addressing Security Breaches

Stephen Gates, principal security SME for Foresiet.ai, emphasized that after a breach, organizations must thoroughly assess their entire networking environment, both on-premises and cloud, to uncover any exploitable vulnerabilities and weaknesses. This process is crucial for preventing future breaches and ensuring a secure environment.

Piyush Pandey, CEO at Pathlock, pointed out that maintaining stringent identity and access controls is essential as traditional banking intersects with innovative fintech solutions. He stressed the importance of managing and securing third-party access, especially given the highly regulated nature of the financial sector regarding data protection and privacy.

Narayana Pappu, CEO at Zendata, noted that financial institutions must focus on data minimization to reduce the risk of breaches. By only capturing and storing necessary data, organizations can significantly lower their exposure to potential cyberattacks.

Conclusion

The LockBit attack on Evolve Bank underscores the critical need for financial institutions to maintain robust cybersecurity measures. By focusing on rigorous controls testing, enforcing stringent access management, and prioritizing data minimization, banks can strengthen their security posture, protect sensitive customer data, and ensure compliance with regulatory standards.

About Foresiet!

Foresiet is the pioneering force in digital security solutions, offering the first integrated Digital Risk Protection SaaS platform. With 24x7x365 dark web monitoring and proactive threat intelligence, Foresiet safeguards against data breaches and intellectual property theft. Our robust suite includes brand protection, takedown services, and supply chain assessment, enhancing your organization's defense mechanisms. Attack surface management is a key component of our approach, ensuring comprehensive protection across all vulnerable points. Compliance is assured through adherence to ISO27001, NIST, GDPR, PCI, SOX, HIPAA, SAMA, CITC, and Third Party regulations. Additionally, our advanced antiphishing shield provides unparalleled protection against malicious emails. Trust Foresiet to empower your organization to navigate the digital landscape securely and confidently.