Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On July 1, according to Protos, the crypto-friendly bank Evolve Bank & Trust recently admitted that despite discovering "unauthorized activity"—specifically, the theft of 33 TB of user data—a month ago, they only publicly disclosed the incident last week. Reportedly, the stolen data pertains to 155,586 accounts associated with companies like Bitfinex, Nomad, and Copper. The bank stated that the data breach was due to an employee clicking on a malicious link and that the attack was halted within a few days, with no further unauthorized activity detected. Attack method (per SlowMist): Information Leakage. Reported loss: -.
- chain
- —
- protocol
- Evolve Bank & Trust
- bug_class
- access-control
- date_occurred
- 2024-07-01
- loss_usd
- —
- source_id
- sm:evolve-bank-trust::2024-07-01