On June 28, Evolve Bank & Trust faced three separate class action lawsuits filed on the same day in response to a significant data breach. The breach, discovered on June 26, exposed sensitive customer information, including names, Social Security numbers, and account details. Plaintiffs allege that the breach was preventable and that Evolve Bank failed in its duty to protect this critical data.
The lawsuits, filed in federal courts in Arkansas and Tennessee, accuse Evolve Bank of negligence and violations of state and federal laws. Plaintiffs argue that the bank’s cybersecurity measures were inadequate, making customer information vulnerable to cybercriminals. The compromised data has reportedly been released on the dark web, raising concerns about long-term risks of identity theft for affected individuals.
The plaintiffs claim that Evolve Bank delayed notifying customers about the breach, providing only minimal information after the fact. They argue that the bank’s response was insufficient and failed to address the full scope of the breach or offer timely assistance to those affected. This delay in communication is cited as a factor contributing to the plaintiffs’ distress and financial harm.
In addition to seeking damages and class action certification, the plaintiffs are calling for the bank to improve its data security practices. They are also demanding a jury trial and legal measures to ensure better protection of customer information in the future. The case reflects broader concerns about the adequacy of cybersecurity practices and the responsibilities of financial institutions in safeguarding sensitive data.
