Evolve Bancorp in West Memphis, Ark., confirmed that it was the victim of a cyberattack.
The $1.6 billion-asset company, which was recently hit with an enforcement action from the Federal Reserve, announced on social media that “a known cybercriminal organization” had released “illegally obtained” data.
“We take this matter extremely seriously and are working tirelessly to address the situation,” the company said. “Evolve has engaged the appropriate law enforcement authorities to aid in our investigation and response efforts. This incident has been contained and there is no ongoing threat.”
Evolve said it will offer credit monitoring with identity theft protection to impacted customers. Those customers will also receive new account numbers if necessary.
The Fed disclosed earlier this month that it had issued a cease-and-desist order to Evolve after a 2023 examination identified deficiencies in the $1.6 billion-asset bank’s anti-money laundering, risk management and consumer compliance programs.
The bank is also embroiled in legal wrangling tied to the bankruptcy of Banking-as-a-Service middleware firm Synapse.