MEMPHIS, Tenn., July 8, 2024 (Newswire.com) – As recently announced on the Evolve Bank & Trust (“Evolve” or “we”) website, Evolve was recently subject to a cybersecurity incident. Today, Evolve is beginning the process of notifying individuals whose personal information was affected. We deeply regret any inconvenience or concern this incident may cause. The security of our customers’, partners’ and employees’ information is a priority, and we are committed to supporting them through this process.
In late May 2024, Evolve identified that some of its systems were not working properly. While it initially appeared to be a hardware failure, we subsequently learned it was unauthorized activity. We promptly initiated our incident response processes and stopped the attack. The Bank has seen no new unauthorized activity since May 31, 2024. We engaged outside specialists to investigate what happened and what data was affected, as well as a firm to help us restore our services. Law enforcement was notified of the incident.
The investigation is in its early stages, but it appears the criminals downloaded information from our databases and a file share that included names, Social Security numbers, bank account numbers, and contact information for most of our personal banking customers, as well as customers of our Open Banking partners. We have also learned that personal information relating to our employees was also likely affected.
Evolve is beginning to send the first round of individual notifications today, and we are still investigating what other personal information was affected. As a result, we anticipate subsequent, smaller rounds of notifications.
We are in the process of further strengthening our security response protocols, policies and procedures, and our ability to detect and respond to suspected incidents. Please visit our dedicated security incident website for additional information: https://www.getevolved.com/about/news/cybersecurity-incident/substitute-notice-of-data-breach/
Source: Evolve Bank & Trust