BREAKING AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Evolve Bank Data Leaked After LockBit’s ‘Federal Reserve Hack’ 

The LockBit ransomware group claimed to have hacked the US Federal Reserve, but leaked data from an Arkansas-based bank.

Ransomware

The LockBit ransomware group recently threatened to release data allegedly stolen from the US Federal Reserve, but leaked data apparently taken from an Arkansas-based financial organization.

A post added to the LockBit group’s website on June 23 claimed that 33 Tb of data from the Federal Reserve would soon be leaked. The announcement came shortly after an international law enforcement crackdown on LockBit operations and the unmasking of the gang’s alleged mastermind. 

On June 26, LockBit did publish links to 33 Tb of data under a ‘federalreserve.gov’ post on its website, but an analysis showed that the information likely comes from Evolve Bank & Trust, a relatively small financial services company, rather than from the United States’ central bank.

It’s worth noting that many members of the cybersecurity community expressed skepticism over LockBit’s claims when it announced hacking the Federal Reserve. 

Evolve Bank & Trust on Wednesday informed retail bank customers and the customers of financial technology partners that it has launched an investigation into an incident that may involve personal information getting compromised.

“It appears these bad actors have released illegally obtained data, including Personal Identification Information (PII), on the dark web. The data varies by individual but may include your name, Social Security Number, date of birth, account information and/or other personal information,” Evolve Bank said in a notice on its website.

The company is confident that the breach has been contained and noted that “Evolve retail banking customers’ debit cards, online, and digital banking credentials do not appear to be impacted by the cybersecurity incident.”

The Federal Reserve Board recently issued an enforcement action against Evolve Bank & Trust for deficiencies in its anti-money laundering, risk management, and consumer compliance programs. This may be the connection that resulted in the cybercriminals claiming a Federal Reserve hack. 

Advertisement. Scroll to continue reading.

“We suspected the affiliate (who probably doesn’t know English) saw a document that said ‘United States Federal Reserve’ and thought it was that,” the Vx-Underground research and threat intelligence group said.  

SecurityWeek contacted the Federal Reserve for comment when LockBit first announced the ‘hack’, but we have yet to hear back.

Following the law enforcement crackdown, LockBit once again appears to have become the most active ransomware group, but experts believe the cybercriminals may just be inflating the number of victims.

Related: FBI Says It Has 7,000 LockBit Ransomware Decryption Keys

Related: LockBit Takes Credit for City of Wichita Ransomware Attack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

ICS and OT cybersecurity solutions provider TXOne Networks appoints Stephen Driggers as new CRO

Identity orchestration provider Strata Identity appoints Aldo Pietropaolo as Field CTO

Cybersecurity provider for the aviation industry Cyviation has appointed Eliran Almog as Chief Executive Officer.

More People On The Move

Expert Insights