Skip to Main Content


LockBit Claims to Have U.S. Federal Reserve Data 


On Tuesday, June 25, LockBit posted the U.S. Federal Reserve to its data leak site (DLS). In the post, the group claims to have stolen 33 terabytes of data and criticized those supposedly negotiating on behalf of the Federal Reserve. Thus far, the group has only posted 21 links containing data belonging to Evolve Bank & Trust, a separate financial institution that was issued an enforcement action by the Federal Reserve Board earlier this month for “deficiencies in the bank’s anti-money laundering, risk management, and consumer compliance programs.”  

Screen shot from LockBit's website stating they have data leak of the US Federal Reserve.
Figure 1. Post of the Federal Reserve from LockBit’s DLS (Source: Arete)

Analyst Comments

At this time, it is unknown whether the leaked data actually came from a breach of the Federal Reserve or if LockBit is fabricating the source of the data. While it is possible that more data will be leaked eventually, it currently seems more likely that LockBit is inflating its capabilities to garner attention in the wake of law enforcement disruptions. This wouldn’t be the first time LockBit used its DLS to draw attention and appear more active; just last month, 68 of the “new” victims posted to the LockBit DLS were determined to be old victims that the group reposted. Although LockBit continues operations, law enforcement actions and sanctions against the group’s leader caused significant disruptions, and it is likely that LockBit will continue testing tactics as the group struggles to stay in the spotlight and maintain relevance in the current ransomware landscape.


LockBit lies about US Federal Reserve data, publishes alleged Evolve Bank data

Federal Reserve Board issues an enforcement action against Evolve Bancorp, Inc. and Evolve Bank & Trust for deficiencies in the bank’s anti-money laundering, risk management, and consumer compliance programs

Ransomware: May figures unduly inflated by LockBit