LockBit Attack Targets Evolve Bank, Not Federal Reserve

  /     /     /  
Publicated : 23/11/2024   Category : security


LockBit Attack Targets Evolve Bank, Not Federal Reserve


The ransomware group claimed it had breached the Federal Reserve, but the target now appears to have been an Arkansas-based bank, Evolve.



Evolve Bank, a financial institution headquartered in Arkansas, was the victim of an attack by the LockBit ransomware group which resulted in a data leak onto the Dark Web this week.
LockBit had drawn attention to itself earlier this week after claiming to have hacked the US Federal Reserve.
The announcement was seen by some within the IT security community as a bold — some used the word desperate­ —
comeback attempt
following the recent,
high-profile law enforcement takedown of the ransomware giant

After publishing a post on its data leak site threatening to release 33 terabytes of juicy banking information containing Americans banking secrets if a ransom was not paid, LockBit then released some of the data, which was actually stolen from Evolve.
It appears these bad actors have released illegally obtained data, including personal identification information (PII), on the Dark Web, according to an
Evolve statement
. The data varies by individual, but may include your name, Social Security number, date of birth, account information and/or other personal information.
The statement noted the company had contacted law enforcement authorities as part of the banks investigation and response efforts.
Based on what our investigation has found and what we know at this time, we are confident this incident has been contained and there is no ongoing threat, the statement said.
The company added that retail banking customers’ debit cards, online, and digital banking credentials did not seem to be affected by the breach.
Those credentials appear to be secure, a statement said.
Earlier this month, the Federal Reserve Board issued an enforcement action against Evolve Bancorp and Evolve Bank & Trust, accusing the company of deficiencies in their anti-money laundering, risk management, and consumer compliance programs.
Examinations conducted in 2023 found Evolve did not maintain an effective risk-management program or controls sufficient to comply with anti-money laundering laws and laws protecting consumers, the
Fed statement
read.
Stephen Gates, principal security SME for Horizon3.ai, said in an emailed statement that once an organization experiences a breach, and the smoke begins to clear, the biggest decision is what to do next.
Everything in the networking environment is now suspect, possibly riddled with other exploitable vulnerabilities and weaknesses that likely remain hidden, he said.
That means that teams must find the attack path that allowed the breach to happen, and they need to uncover other attack paths that could enable it to happen again.
Now is the time to thoroughly assess the entire networking environment, both on-premises and cloud, but that could take months if not longer, Gates said.
Piyush Pandey, CEO at Pathlock, says the recent enforcement action against Evolve Bancorp underscores the critical importance of robust sensitive data and
application access controls within financial institutions
.
As traditional banking continues to intersect with innovative fintech solutions, maintaining stringent identity and access controls is a must, he says.
He also points out that the interconnectedness and complexity of supply chains in the financial sector increases the difficulty of managing and securing third-party access.
Given how highly regulated the financial sector is with regards to data protection and privacy, ensuring that third-party vendors comply with these regulations is crucial, yet challenging, Pandey explains.
He adds that by focusing on rigorous controls testing and enforcement, including stringent management of third-party identities and access, financial institutions can significantly strengthen their security posture, protect sensitive data, and ensure compliance with regulatory requirements.
This proactive approach not only safeguards customer data — and trust — but also enhances the institutions overall resilience against these types of attacks, Pandey says.
Narayana Pappu, CEO at Zendata, notes that financial and medical institutions store significant amount highly sensitive data with significant monetary impact for exposed organizations.
Therefore, it makes sense that organizations like LockBit are going after this information, he says.
From his perspective, data minimization — not capturing or storing data that is not needed — would help these institutions significantly.
The trend to date has been to capture, store and make multiple copies of information that is not really needed to run the business, Pappu says. Just 5% of data collected is properly labeled and governed, for example.

Last News

▸ Making use of a homemade Android army ◂
Discovered: 23/12/2024
Category: security

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security

▸ Feds probe cyber breaches at JPMorgan, other banks. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
LockBit Attack Targets Evolve Bank, Not Federal Reserve