Evolve Bank hit by cyber attack, data breach confirmed

June 30, 2024
1 min read




Evolve Bank confirms cyber attack, data breach

TLDR:

  • Evolve Bank & Trust, based in Arkansas, confirmed a cybersecurity breach.
  • Personal identification information of customers was illegally obtained and released.

Evolve Bank & Trust, a financial institution with branches in Region 8, is investigating a cybersecurity breach where a known cybercriminal organization obtained and released personal information of customers and financial technology partners. The breach included names, Social Security numbers, dates of birth, and account information. While retail banking customers’ debit cards and online credentials remain secure, the company is actively working with law enforcement to address the situation. Affected individuals will be notified and are advised to monitor their accounts for any suspicious activity.

Evolve Bank confirms cyber attack, data breach

Arkansas-based Evolve Bank & Trust, which has branches throughout Region 8, announced it is investigating a cybersecurity breach of its customers’ information. According to a statement from the financial company, a “known cybercriminal organization” illegally obtained and released data and personal information of some of its customers and financial technology partners’ customers. The company claimed the “bad actors” obtained personal identification information (PII), including names, Social Security numbers, dates of birth, account information, and other personal information. That information was then released onto the dark web. Evolve stressed in its news release that “retail banking customers’ debit cards, online and digital banking credentials do not appear to be impacted” and that they remain secure. “We take this matter extremely seriously and are working diligently to address the situation,” the news release stated. “Evolve has engaged the appropriate law enforcement authorities to aid in our investigation and response efforts.” The company is confident that the incident “has been contained and there is no ongoing threat.” Evolve said it would continue to monitor the situation closely and provide updates. “Please be assured that Evolve is putting forth every effort to determine the full scope of the incident,” Friday’s update stated. “Once we have a clearer understanding, we will promptly provide all necessary resources and support to those affected.” Those whose accounts were affected should receive an email or letter explaining the incident, what information was compromised, and what is being done. Evolve urged all customers to monitor account activities and credit reports. For more information, click here, email cyberalert@getevolved.com, or call 833-947-1379. Those who believe they are the victims of identity theft or fraud can file a report with the Federal Trade Commission by calling 1-877-IDTHEFT (438-4338) or visit https://www.identitytheft.gov. To report a typo or correction, please click here. Copyright 2024 KAIT. All rights reserved.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and