Crypto-friendly Evolve Bank and Trust has suffered a significant data breach, with 33 terabytes of user data stolen. The bank confirmed the breach, which is believed to have been orchestrated by Russian ransomware group Lockbit.

The stolen data reportedly includes sensitive personally identifiable information (PII) linked to over 155.5k accounts from various firms, including Bitfinex, Nomad, and Copper Banking. The bank has stated that customer funds remain untouched, but it is likely that sensitive customer information was downloaded by the hackers.

The breach was a result of “unauthorized activity” in late May, allegedly caused by an employee inadvertently clicking a malicious link. The bank claims to have halted the attack within days and has not observed any further unauthorized activity since May 31.

Evolve Bank has been criticized for its delay in notifying affected companies and users, with reports suggesting that notifications were not sent until the breach became public knowledge last week. Despite this, the bank remains optimistic, stating that it managed to limit the loss and impact on its operations due to available backups.