Cyber Incident Victim: Evercore
Date: Dec 2018
Location: United Kingdom
Summary
A cyberattack targeting a junior administrator at an investment bank via phishing compromised the employee's email inbox, resulting in the theft of approximately 160,000 data objects including emails, documents, and calendar invitations. While investigators found no evidence of misuse of the stolen information, the attackers' primary objective appeared to be harvesting the administrator's contact list to facilitate additional phishing campaigns. The breach necessitated client notifications regarding potential exposure of deal-related communications.
Description
In November 2018, Evercore, an influential investment bank, experienced a cybersecurity breach resulting in the theft of thousands of sensitive documents. The incident originated in London when a junior administrator fell victim to a phishing attack, clicking a malicious link in a deceptive email. This action granted hackers access to the employee's email inbox, enabling them to exfiltrate approximately 160,000 data objects including emails, documents, and calendar invitations. The compromised information contained details about client transactions and internal communications. Evercore discovered the intrusion and initiated an investigation to assess the scope and impact of the breach. The bank determined that the attackers leveraged the initial email compromise to propagate further phishing attempts using the administrator's address book.

Forensic analysis revealed no evidence that stolen data had been weaponized or disseminated beyond the attackers' initial access. Investigators concluded the primary objective appeared to be harvesting contact information to expand phishing operations rather than exploiting deal-related documents. Despite this assessment, Evercore proactively notified affected clients about potential exposure of their transactional information. The breach necessitated internal security reviews and client reassurance efforts regarding the integrity of ongoing deals. While operational disruptions were not explicitly detailed, the incident required significant resource allocation for incident response and regulatory compliance activities related to data breach disclosures.
