(Reuters) – Evolve Bank and Trust confirmed on Wednesday it was the victim of a cybersecurity incident that involved customers’ data being illegally released on the dark web.
A spokesperson for the Arkansas-based lender said they have engaged appropriate law enforcement agencies to aid in their investigation and response efforts.
“We will offer all impacted customers (end users) complimentary credit monitoring with identity theft protection services. Those affected will be contacted directly with instructions on how to enroll in these protective measures,” the spokesperson added.
The U.S. Federal Reserve had said earlier this month it had ordered Evolve to bolster its risk management programs around fintech partnerships as well as anti-money laundering laws.
Cybercrime group Lockbit 3.0 posted data hacked from Evolve on Tuesday, according to a Bloomberg News report, which also said the hackers had given the Fed until Tuesday afternoon to meet its ransom demands in exchange for not posting sensitive data from an alleged hack of the central bank.
In a post on social media platform X, Mercury said Evolve’s security breach included some account numbers and deposit balances associated with the fintech company and that affected customers have been notified of preventative steps.
(Reporting by Pritam Biswas in Bengaluru; Editing by Krishna Chandra Eluri)
Comments