Our valued sponsor

Fed hacked 33 Tb data leak/Lockbit (ROFLMO)

Fortunately they can print some XMR to pay the ransom....

All kidding aside, I do not expect them to be breached. But I guess time will tell, the worst possible entity you could hit with ransomware is the US Gov. The last thing a ransomware operator would do in this case is NOT doxxing and NOT sharing proof.
 
If true I am trying to understand what they want to achieve. Do they just want kudos? It cant be money as they claim as there are much softer targets than going after an entity with near unlimited resources to deal with you.
 
  • Like
Reactions: jafo
why would the Fed website or database have any banking info of any Americans? this info is in the banks databases in their respective datacenters, isn't it? pls don't tell me this all is also on AWS or Azure cloud in addition to being in the DB of the Fed o_O just weird. How so much data can be concentrated in one location.
 
  • Like
Reactions: cryptofriendly
If true I am trying to understand what they want to achieve. Do they just want kudos? It cant be money as they claim as there are much softer targets than going after an entity with near unlimited resources to deal with you.
They want it known that LockBit is able to breach high-value targets. This in turn makes them interesting for other players in the ecosystem, thus recruiting more people for their Ransomware as a Service offering. If you are able to breach a network, just give the guys from LB a call and they will help you out type of deal.

why would the Fed website or database have any banking info of any Americans? this info is in the banks databases in their respective datacenters, isn't it? pls don't tell me this all is also on AWS or Azure cloud in addition to being in the DB of the Fed o_O just weird. How so much data can be concentrated in one location.
A lot of banking information is already in the cloud, most of it is hybrid. Legacy banking stuff is kept on-premise while new innovation is deployed on the cloud. Also most critical organizations got their own 'private' cloud within the hyperscalers and even dedicated physical connections to e.g. Microsoft datacenters from their own DCs.

Funnily enough, they pass every Privacy Impact Assessment.
 
Last edited:
Wise USD account, and Mercury use it, but don't know by which extent, possibly Mercury is a tech layer on top of Evolve bank. What it seems from the email signature "Mercury is a financial technology company, not a bank. Banking services provided by Choice Financial Group and Evolve Bank & Trust®; Members FDIC."
And Wise works with many banks so they'll easily switch if needed. The notice seems "make better security please!" than anything important though, "The Board is requiring the bank to improve its policies and programs in those areas, in addition to requiring other remedial improvements".
But does it mean Evolve bank is the ones whos customers go leaked or what?

but yeah actually could easily be a play towards CBDC rollouts in order to point out "remember those scary hacks? that's all in the past! since no one can hack the shiny new digital money, yay!" strategy?
 
  • Like
Reactions: mraleph
It has been published.

Edit: removed onion link to the files because I don't want to get suicided by the US government.

1719403964668.png


1719403933117.png
 
@janet25 Thanks for removing links.

Please nobody publish any links on this site to such stolen data. Tread carefully here when it comes to US and its not open for discussion either.
 
If I understand the leak comes from some other entities involved with FED that are keeping the data on cloud. Anybodz knows what kind of services are those ""Evolve Bancorp, Inc. and Evolve Bank & Trust" providing to FED?
 
If I understand the leak comes from some other entities involved with FED that are keeping the data on cloud. Anybodz knows what kind of services are those ""Evolve Bancorp, Inc. and Evolve Bank & Trust" providing to FED?

Looks like they provide enough for an actual ACH pull by the hackers ns2 . Luckily I don't keep money in Mercury, but here's their email from 8 hours ago:

-----------
We recently became aware of a cybersecurity attack that breached the security systems of one of our partner banks, Evolve Bank & Trust, and leaked their records, including some account numbers, deposit balances, business owner names, and emails associated with Mercury and other fintech accounts.

Mercury account credentials — including passwords — were not exposed (we do not share this information).

While we do not anticipate an increased risk of exposed Evolve account numbers being used fraudulently, Mercury is taking the following preventative steps to keep your funds secure:
  • We have robust monitoring for suspicious ACH pulls. If you notice a fraudulent ACH pull initiated against you, please dispute the transaction as soon as possible. You can see recent ACH pulls here.
  • You can further enhance the security on your accounts by enabling the ACH authorizations feature, which will flag any ACH pulls from unauthorized vendors and give you a chance to decline them before they are processed.
...
----------------
 
  • Haha
  • Like
Reactions: jafo and 0xDEADBEEF
Looks like they provide enough for an actual ACH pull by the hackers ns2 . Luckily I don't keep money in Mercury, but here's their email from 8 hours ago:

-----------
We recently became aware of a cybersecurity attack that breached the security systems of one of our partner banks, Evolve Bank & Trust, and leaked their records, including some account numbers, deposit balances, business owner names, and emails associated with Mercury and other fintech accounts.

Mercury account credentials — including passwords — were not exposed (we do not share this information).

While we do not anticipate an increased risk of exposed Evolve account numbers being used fraudulently, Mercury is taking the following preventative steps to keep your funds secure:
  • We have robust monitoring for suspicious ACH pulls. If you notice a fraudulent ACH pull initiated against you, please dispute the transaction as soon as possible. You can see recent ACH pulls here.
  • You can further enhance the security on your accounts by enabling the ACH authorizations feature, which will flag any ACH pulls from unauthorized vendors and give you a chance to decline them before they are processed.
...
----------------
I can confirm that Airwallex, which also uses Evolve Bank & Trust, sent a similar e-mail to customers yesterday in the evening:
************
Important Information Regarding Evolve Bank & Trust Data Breach

We are writing to inform you of a cybersecurity incident involving Evolve Bank & Trust, one of several Airwallex banking partners in the U.S. It appears that a criminal organization targeted Evolve and leaked customer data, likely including Personal Identification Information (PII), on the dark web. The data varies by individual, but could include your name, Tax ID, date of birth, account information and/or other personal information.

At this point, we are unable to confirm whether Airwallex customer data was compromised. Evolve has confirmed that they have contained the situation and the bad actors are no longer in their system. However, we cannot independently assess the data and must work through Evolve and law enforcement to do so.

We are in contact with the Evolve team as they continue to investigate and analyze the situation. We will continue to share relevant updates as soon as we are able.

The security and safety of our customers’ data is of the utmost importance and we are increasing our monitoring of customer accounts connected to Evolve amid this situation.

We will be in touch as soon as we have more information to share any remediation actions that may be necessary. In the meantime, please notify us of any suspicious activity in your account and reach out to Airwallex customer service with any questions.
*****************
 
It appears wise was impacted

There’s been a data breach at Evolve Bank & Trust.​
Evolve Bank & Trust is a regulated bank that we worked with from 2020 until 2023 to provide your old USD account details. They’ve recently been affected by a data breach and some of your personal information may have been involved.​
This personal information does not include copies of any of the identification documents you’ve shared with us — these have not been shared with Evolve Bank & Trust at any point.​
Your Wise account is safe​
We no longer work with Evolve Bank & Trust, and have already strengthened our security measures. We’ve also started a thorough investigation into this data breach and can confirm that it has not impacted our systems. This means:​
• your Wise account credentials, including your password, are safe, and you can use your account as normal​
• you can continue to use your USD account details — these are no longer connected to Evolve Bank & Trust​
• you can continue to use any Wise cards you may have as they were not impacted by this issue – your card number and PIN are safe​
 
Just a question: Do you think that this Federal Reserve Board enforcement action is somehow related to the Federal Reserve System breach that is discussed here? Honestly, I do not see any obvious link...
(Of course, this enforcement action is of a serious concern anyway; and thanks for sharing!)
 
  • Like
Reactions: jafo

Latest Threads