{
	"id": "2b023d8f-a056-4898-987c-125b7d869dac",
	"created_at": "2026-04-06T00:15:02.503482Z",
	"updated_at": "2026-04-10T13:12:36.64558Z",
	"deleted_at": null,
	"sha1_hash": "9ce05603e215a76014befc4bfd780293f2ceff5f",
	"title": "LockBit lied: Stolen data is from a bank, not US Federal Reserve",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2233125,
	"plain_text": "LockBit lied: Stolen data is from a bank, not US Federal Reserve\r\nBy Ax Sharma\r\nPublished: 2024-06-26 · Archived: 2026-04-05 19:12:21 UTC\r\nRecently-disrupted LockBit ransomware group, in a desperate attempt to make a comeback, claimed this week that it had hit\r\nthe Federal Reserve, the central bank of the United States.\r\nThe tall claim was followed up with LockBit stating it had stolen 33 terabytes of sensitive banking information belonging to\r\nAmericans and that negotiations were ongoing.\r\nExcept, the rumor has been quashed. Turns out, the threat actor hit an individual bank, and not the Fed.\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/\r\nPage 1 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/\r\nPage 2 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nBold claims\r\nOn Sunday, June 23rd, the LockBit ransomware gang announced that it had breached the Federal Reserve (aka The Fed), the\r\nmost powerful economic institution in the United States.\r\n\"33 terabytes of juicy banking information containing Americans' banking secrets,\" claimed LockBit on its leak site,\r\nalluding to the group having breached the Fed's systems and stolen sensitive data.\r\nThe ransomware operator further suggested that negotiations were ongoing and that a \"clinical idiot\" offered them $50,000\r\nto not leak the data.\r\n\"You better hire another negotiator within 48 hours, and fire this clinical idiot who values Americans' bank secrecy at\r\n$50,000.\"\r\nLockBit claims it attacked the Fed, leaks data (Hackmanac)\r\nEventually, the group began publishing the stolen data on its site.\r\nSome media outlets reported on the allegation without obtaining a statement from the Federal Reserve or verifying if the\r\norganization was even attacked as LockBit claims.\r\nIt turns out that it's not the Fed but an individual US financial institution that the threat actors have targeted in this attack.\r\n\"They have apparently breached the American bank Evolve Bank \u0026 Trust,\" cyber threat monitoring company, HackManac\r\nposted in an update on social media.\r\n\"For now, there is still no trace of 'secret' files, but the analysis is ongoing.\"\r\nBleepingComputer reached out to Evolve Bank \u0026 Trust with questions related to the attack and the financial institution has\r\nconfirmed that threat actors have \"illegally\" obtained data from its systems.\r\n\"Evolve is currently investigating a cybersecurity incident involving a known cybercriminal organization. It appears these\r\nbad actors have released illegally obtained data, on the dark web,\" an Evolve Spokesperson told BleepingComputer.\r\n\"We take this matter extremely seriously and are working tirelessly to address the situation. Evolve has engaged the\r\nappropriate law enforcement authorities to aid in our investigation and response efforts. This incident has been contained,\r\nand there is no ongoing threat.\"\r\n\"In response to this event, we will offer all impacted customers (end users) complimentary credit monitoring with identity\r\ntheft protection services. Those affected will be contacted directly with instructions on how to enroll in these protective\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/\r\nPage 3 of 5\n\nmeasures. Additionally, impacted customers will receive new account numbers if warranted.\"\r\n\"Updates and further information will be posted on our website as they become available.\"\r\nWe asked Evolve if it knew exactly when the threat actors had stolen this data, and how the bank's systems were breached.\r\n\"No further comments will be made during investigation,\" Evolve further responded to BleepingComputer.\r\nWe also attempted to reach out to LockBitSup, the manager of the ransomware operation, but it appears we have been\r\nblocked by him.\r\nInterestingly, recently the Federal Reserve had penalized Evolve Bank \u0026 Trust over multiple \"deficiencies\" identified in how\r\nthe bank conducted risk management, anti-money laundering (AML), and compliance practices.\r\nExaminations conducted in 2023 found that the bank had \"engaged in unsafe and unsound banking practices by failing to\r\nhave in place an effective risk management framework for those partnerships.\"\r\nAs a result, the Fed demanded that Evolve halt some of its activities until the bank improves its risk management policies\r\nand complies with AML laws and regulations.\r\n\"A desperate bid for relevance\"\r\nReacting to the ransomware operator's baseless claims, X account AzAl Security dubbed this as LockBit's \"desperate bid for\r\nrelevance.\"\r\nPreviously notorious for executing ransomware attacks on high-profile targets like Boeing, the Continental automotive giant,\r\nthe Italian Internal Revenue Service, Bank of America, the UK Royal Mail, and most recently London Drugs, the\r\ncybercrime group found itself in hot waters this year.\r\nIn February, law enforcement took down LockBit's infrastructure in an action known as Operation Cronos and seized 34\r\nservers containing over 2,500 decryption keys that helped create a free LockBit 3.0 Black Ransomware decryptor.\r\nHaving thrived through its peak, LockBit seems to have entered tough times, compelling it to resort to making misleading\r\nclaims to stay relevant.\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/\r\nPage 4 of 5\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/\r\nhttps://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve/"
	],
	"report_names": [
		"lockbit-lied-stolen-data-is-from-a-bank-not-us-federal-reserve"
	],
	"threat_actors": [],
	"ts_created_at": 1775434502,
	"ts_updated_at": 1775826756,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/9ce05603e215a76014befc4bfd780293f2ceff5f.pdf",
		"text": "https://archive.orkl.eu/9ce05603e215a76014befc4bfd780293f2ceff5f.txt",
		"img": "https://archive.orkl.eu/9ce05603e215a76014befc4bfd780293f2ceff5f.jpg"
	}
}