Evolve Bank leak has personal data of Bitfinex, Copper, Nomad users
Crypto-friendly Evolve Bank and Trust has admitted that it has known about ‘unauthorized activity’ — specifically the theft of 33 terabytes of user data — for the past month despite only notifying end users about the breach last week.
The data leak, which has been attributed to infamous Russia-based ransomware group Lockbit, reportedly includes personal details belonging to Bitfinex users.
Evolve said on Monday that in late May, some of its systems stopped working properly due to ‘unauthorized activity’ that appears to stem from an employee accidentally clicking on a malicious link.
The bank claims it stopped the attack ‘within days’ and hasn’t seen any more unauthorized activity since May 31. It also didn’t pay the ransom demand and says Lockbit mistakenly attributed the data to the Federal Reserve.
Despite this activity, as reported by Fintech Business Weekly (FBW) reporter Jason Mikula, “It appears [Evolve Bank] didn’t notify impacted fintechs (or end users) until the breach became public last week.”
Bitfinex accounts included in Evolve leak
The data stolen from Evolve Bank reportedly includes personally identifiable information (PII), such as names, addresses, social security and tax ID numbers, dates of birth, account balances, and email addresses. The data reportedly comes from 155,586 accounts linked to firms including Bitfinex, Nomad, and Copper.
An industry source told FBW, “I can’t think of a data breach with this much PII and consumer and commercial financial data…. that then is publicly available…. Ever.”
Mikula has since received a cease and desist email from Evolve. He said, “If people misunderstood my posts to mean that I would share sensitive PII in my reporting, please know that was never my intent.”
One anonymous source claiming to be an exec impacted by the Evolve hack reportedly asked Mikula for the leaked files as they hadn’t “gotten confirmation from Evolve.”
Today’s announcement was updated from a June 26 version which omitted disclosure of May’s ‘unauthorized activity.’