{"id":56467,"date":"2024-07-03T15:00:57","date_gmt":"2024-07-03T15:00:57","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/36059\/Evolve-Bank-Ransomware-Raid-May-Mean-Customer-Info-Stolen.html"},"modified":"2024-07-03T15:00:57","modified_gmt":"2024-07-03T15:00:57","slug":"evolve-bank-ransomware-raid-may-mean-customer-info-stolen","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/","title":{"rendered":"Evolve Bank Ransomware Raid May Mean Customer Info Stolen"},"content":{"rendered":"<p>The number of financial institutions caught up in the ransomware attack on Evolve Bank &amp; Trust continues to rise as fintech businesses Wise and Affirm both confirm they have been materially affected.<\/p>\n<p>News of Evolve being compromised by extortionists broke <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cpomagazine.com\/cyber-security\/lockbits-claimed-hack-on-us-federal-reserve-turns-out-to-be-a-publicity-stunt-stolen-data-came-from-just-one-us-bank\/\">last week<\/a>. The Banking-as-a-Service provider officially disclosed it fell victim in late May to the LockBit crew \u2013 which steals and holds organizations&#8217; information to ransom \u2013 and reports of follow-on data privacy compromises at Evolve&#8217;s partners have emerged over the past few days.<\/p>\n<p>Buy-now-pay-later biz Affirm told the US Securities and Exchange Commission (SEC) on Monday that it believes personal data of Affirm Card holders was potentially stolen during LockBit&#8217;s <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.getevolved.com\/about\/news\/cybersecurity-incident\/\">cyber-attack<\/a> on Evolve.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Evolve is the third-party issuer of the Affirm Card, the latter&#8217;s buy-now-pay-later debit card, and that&#8217;s how Affirm was pulled into the debacle. It insists that its own systems have not been compromised.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>&#8220;This incident has not impacted any other part of the company&#8217;s business or operations,&#8221; Affirm said in the <a target=\"_blank\" href=\"https:\/\/www.sec.gov\/Archives\/edgar\/data\/1820953\/000182095324000027\/afrm-20240625.htm\" rel=\"nofollow noopener\">regulatory filing<\/a>.<\/p>\n<p>&#8220;Upon being notified of the Evolve cybersecurity incident, the company immediately began an investigation independent of Evolve&#8217;s investigation to determine whether any Affirm Card user personal information had been compromised, and that investigation, along with remediation efforts, is ongoing as of the date of this [filing].&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;Evolve has communicated to the company that this cybersecurity incident has been contained. However, the full scope, nature, and impact of the incident on the company and Affirm Card users, including the extent to which there has been unauthorized access to Affirm Card user personal information, are not yet known.&#8221;<\/p>\n<p>The SEC filing follows a <a target=\"_blank\" href=\"https:\/\/x.com\/Affirm\/status\/1806318799567610164\" rel=\"nofollow noopener\">xeet<\/a> from Affirm on June 27, informing followers that it was made aware of the Evolve incident two days prior and that it understood data &#8220;may&#8221; be compromised, but was merely investigating at that point.<\/p>\n<p>The scale of the security breach, in terms of exactly how many individuals may have had their data stolen, hasn&#8217;t yet been confirmed. However, the number of affected users is rising with each day a new Evolve partner discloses a breach.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Money transfer specialist Wise, which stopped working with Evolve last year, disclosed last week that some of its users may have been affected and will be notified directly in writing.<\/p>\n<p>&#8220;Evolve Bank &amp; Trust is a regulated bank that we worked with from 2020 until 2023 to provide USD account details,&#8221; Wise&#8217;s <a target=\"_blank\" href=\"https:\/\/wise.com\/help\/articles\/1Tyvn34K9tp08aZ0y0Hqe0\/data-breach-at-evolve-bank-trust-in-the-us\" rel=\"nofollow noopener\">disclosure<\/a> reads. &#8220;They&#8217;ve recently been affected by a data breach and some Wise customers&#8217; personal information may have been involved. We&#8217;ll be emailing all Wise customers who we think may have been affected by this data breach directly.&nbsp;<\/p>\n<p>&#8220;For Evolve Bank &amp; Trust to provide USD account details to Wise customers, they were required to hold identifying information. The information that we shared with Evolve Bank &amp; Trust to provide USD account details included name, address, date of birth, contact details, SSN or EIN for US customers, or another identity document number for non-US customers. Evolve has not yet confirmed to us what data has been impacted.&#8221;<\/p>\n<p>As of June 28, when Wise&#8217;s disclosure was last updated, Evolve may not have told the fintech company what data was affected but its updated breach notification confirms SSNs, bank account numbers, and contact information &#8220;for most&#8221; of its personal banking customers and the customers of its banking partners. Employee data is also thought to be affected.<\/p>\n<p>Investigations continue to determine whether Evolve&#8217;s Business, Trust, and Mortgage arms are also affected.<\/p>\n<p>As for its other partners, a full list can be found on <a target=\"_blank\" href=\"https:\/\/www.getevolved.com\/openbanking\/partners\/\" rel=\"nofollow noopener\">Evolve&#8217;s website<\/a>. Only one other has publicly acknowledged the incident.<\/p>\n<p>Mercury, which does banking for startups, suggested in a <a target=\"_blank\" href=\"https:\/\/x.com\/mercury\/status\/1806060971909149151\" rel=\"nofollow noopener\">xeet<\/a> that at least some of its customers were affected and have been notified directly.<\/p>\n<p>&#8220;We are thoroughly investigating the leaked data to understand what customer information is at risk,&#8221; it said. &#8220;Additionally, Mercury account credentials \u2013 including your password \u2013 were not exposed (we do not share this information).&#8221;<\/p>\n<p>All of the partners listed by Evolve have been contacted by <em>El Reg<\/em>.<\/p>\n<p>A spokesperson for Melio told us: &#8220;We are aware of the Evolve Bank &amp; Trust security breach and are diligently working with them to determine if Melio or any of our customers were impacted by it. We will keep our customers informed with any relevant information as we learn more. There have been no disruptions to Melio&#8217;s operations as a result of this incident.&#8221;<\/p>\n<h3 class=\"crosshead\">Imperfect storm<\/h3>\n<p>The disclosure of the breach couldn&#8217;t have come at a worse time for Evolve, which less than a fortnight prior had to field questions following the US Federal Reserve Board and the Arkansas State Bank Department formally calling out various deficiencies.<\/p>\n<div class=\"promo_article no_img\">\n<h2 title=\"Untold harms of holding the corporate perimeter revealed in extensive series of interviews\">Ransomware attacks hospitalizing security pros, as one admits suicidal feelings<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2024\/01\/18\/ransomware_attacks_hospitalize_security_pros\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>These related to its handling of anti-money laundering practices, risk management, and consumer compliance programs. Its partnerships with other fintech companies were designated &#8220;unsafe,&#8221; with the board ordering it to improve in all these areas.<\/p>\n<p>&#8220;Evolve partners with various financial technology companies that, in turn, provide access to banking products and services to their end customers,&#8221; <a target=\"_blank\" href=\"https:\/\/www.federalreserve.gov\/newsevents\/pressreleases\/enforcement20240614a.htm\" rel=\"nofollow noopener\">said<\/a> the board. &#8220;Examinations conducted in 2023 found that Evolve engaged in unsafe and unsound banking practices by failing to have in place an effective risk management framework for those partnerships.&nbsp;<\/p>\n<p>&#8220;In addition, Evolve did not maintain an effective risk management program or controls sufficient to comply with anti-money laundering laws and laws protecting consumers.&#8221;<\/p>\n<p>Providing all the timelines supplied by the organizations in question are correct, the Federal Reserve&#8217;s warning came roughly two weeks after <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/06\/06\/lockbit_fbi_decryption_keys\/\" rel=\"noopener\">LockBit<\/a> broke into Evolve&#8217;s systems. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/36059\/Evolve-Bank-Ransomware-Raid-May-Mean-Customer-Info-Stolen.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[9287],"class_list":["post-56467","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-blogs","tag-headlinehackerprivacymalwarebankdata-losscryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Evolve Bank Ransomware Raid May Mean Customer Info Stolen 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Evolve Bank Ransomware Raid May Mean Customer Info Stolen 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-03T15:00:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Evolve Bank Ransomware Raid May Mean Customer Info Stolen\",\"datePublished\":\"2024-07-03T15:00:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/\"},\"wordCount\":947,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_specialfeatures\\\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"keywords\":[\"headline,hacker,privacy,malware,bank,data loss,cryptography\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/\",\"name\":\"Evolve Bank Ransomware Raid May Mean Customer Info Stolen 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_specialfeatures\\\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2024-07-03T15:00:57+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_specialfeatures\\\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_specialfeatures\\\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,privacy,malware,bank,data loss,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerprivacymalwarebankdata-losscryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Evolve Bank Ransomware Raid May Mean Customer Info Stolen\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Evolve Bank Ransomware Raid May Mean Customer Info Stolen 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/","og_locale":"en_US","og_type":"article","og_title":"Evolve Bank Ransomware Raid May Mean Customer Info Stolen 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-07-03T15:00:57+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Evolve Bank Ransomware Raid May Mean Customer Info Stolen","datePublished":"2024-07-03T15:00:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/"},"wordCount":947,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","keywords":["headline,hacker,privacy,malware,bank,data loss,cryptography"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/","url":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/","name":"Evolve Bank Ransomware Raid May Mean Customer Info Stolen 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2024-07-03T15:00:57+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_specialfeatures\/malwaremonth&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZoV6ybMMFnyz@pQeVDzTWQAAAAg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/evolve-bank-ransomware-raid-may-mean-customer-info-stolen\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,privacy,malware,bank,data loss,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerprivacymalwarebankdata-losscryptography\/"},{"@type":"ListItem","position":3,"name":"Evolve Bank Ransomware Raid May Mean Customer Info Stolen"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56467","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=56467"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56467\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=56467"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=56467"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=56467"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}