Lockbit Ransomware Breaches Evolve Bank & Trust, Exposing Affirm Customer Data

Indonesian President Orders Audit Following Major Ransomware Attack

Key Points:

  • Lockbit ransomware group breached Evolve Bank & Trust, exposing confidential data. Affirm acknowledged customer data exposure due to the breach.
  • The breach occurred in late May after an Evolve employee clicked on a malicious link. Personal and financial information was accessed.
  • Evolve contained the breach, did not pay the ransom, and relied on backups to minimize impact. Evolve assured no customer funds were accessed.
  • Federal and international agencies are continuing to try to shut down Lockbit. The FBI obtained over 7,000 decryption keys to help affected individuals.

The Lockbit ransomware group has breached US-based Evolve Bank & Trust, exposing confidential data. This cyberattack also affected customers of Affirm’s “buy now, pay later” service, which acknowledged that some of its customers’ data was compromised.

The cyberattack occurred in late May when an Evolve employee clicked on a malicious link. About a month later, Evolve informed Affirm of the cybersecurity breach, revealing that unauthorized access to personal and financial information had occurred. This information was disclosed in a US Securities and Exchange Commission filing.

Although Evolve has since contained the breach, the users’ data with the Affirm Card, Affirm’s debit card offering, was leaked because Evolve facilitates these cards. Affirm confirmed in its filing that the “personal information of Affirm Card users was compromised as part of Evolve’s cybersecurity incident.”

Affirm is still investigating the extent of the breach but assured that its IT systems were not infiltrated. Despite the breach, Affirm’s debit cards remain active, and the company is enhancing its fraud monitoring efforts to protect its customers. Evolve did not pay Lockbit’s ransom, resulting in the public release of the encrypted data. However, despite the attack, Evolve stated that its backups will minimize data loss and operational impact.

Evolve assured its customers that Lockbit did not access any customer funds. However, the ransomware group downloaded customer information in February and May. Previously, Lockbit had incorrectly claimed that the breach involved the US Federal Reserve.

Federal and international law enforcement agencies have been working to shut down Lockbit for years. So far, six alleged members of the ransomware group, including a senior leader, have been charged. Despite authorities infiltrating Lockbit’s systems in February, the group continues its activities, spinning up new servers, leaking details of previous attacks, and conducting new ones. Last month, the FBI announced that it had obtained over 7,000 Lockbit decryption keys and is working to assist those affected by the ransomware.

TechGolly editorial team led by Al Mahmud Al Mamun. He worked as an Editor-in-Chief at a world-leading professional research Magazine. Rasel Hossain and Enamul Kabir are supporting as Managing Editor. Our team is intercorporate with technologists, researchers, and technology writers. We have substantial knowledge and background in Information Technology (IT), Artificial Intelligence (AI), and Embedded Technology.

Read More

We are highly passionate and dedicated to delivering our readers the latest information and insights into technology innovation and trends. Our mission is to help understand industry professionals and enthusiasts about the complexities of technology and the latest advancements.

Follow Us

Advertise Here...

Build brand awareness across our network!