back to article Evolve Bank & Trust confirms LockBit stole 7.6 million people's data

Evolve Bank & Trust says the data of more than 7.6 million customers was stolen during the LockBit break-in in late May, per a fresh filing with Maine's attorney general. The filing lists the total number of persons affected (including residents) at 7,640,112. It's the first time Evolve has confirmed the scale of the data …

  1. Doctor Syntax Silver badge

    The appropriate response would be to permanently revoke the licences it needs to operate, ditto for all directors and senior office holders for their right to work in the finance industry and make clear this will be mandatory for any other bank that has the same experience. And just to avoid avoidance - failure to report such breaches within 4 hours will be a criminal offence for all directors and senior office holders.

    That should spread the word that this stuff has to be taken seriously, day by day, day after day.

    1. Anonymous Coward
      Anonymous Coward

      About that four hours.....

      @Doctor Syntax

      Quote: "...failure to report such breaches within 4 hours...."

      If we take a look at the Equifax breach, where an unknown amount of data was stolen, Equifax DID NOT KNOW ABOUT THE EXFILTRATION FOR MONTHS, maybe years.

      When I asked a cyber security expert recently about this, he pointed out that finding an unauthorised gigabyte stream when some of these financial networks are seeing petabyte volumes is a challenge!!

      Yup...."four hours" probably sounds pretty good in the text of a proposed law.......but the enforcement of such a requirement might be.....errrrr......difficult?.....impossible?

    2. Anonymous Coward
      Anonymous Coward

      How About Five Months?? Yes Really!!! And At A Fed Agency Too!!!

      https://www.theregister.com/2024/07/12/cisa_broke_into_fed_agency/

  2. Dostoevsky Bronze badge
    Mushroom

    Youch.

    This is every bank's worst nightmare. Even without regulatory actions such as fines and changes in the Board and C-suite, they've lost the community's trust.

    If there's one thing people won't risk losing, it's their money. I bet at least a third of those depositors will bail in the coming months. This bank is as dead as canned Spam.

    My bank once had to sent letters about a third-party home insurance provider that had a minor breach. I had no end of homeowners/mortgage-holders who were scared to death their "accounts had been hacked."

    I shudder to think what EB&T's employees must be feeling...

    1. Missing Semicolon Silver badge
      FAIL

      Re: Youch.

      Not really. Name one large organisation that has ceased to be after a major data breach. It is a temporary blip at the worst. And still cheaper than proper security.

  3. JacobZ
    Coat

    Will they be changing their name to Evolve Bank?

    That's the joke.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like