Three U.S. Banks Alert Customers to Data Breaches of Sensitive Information
Recent advisories from three major U.S. banks have revealed that sensitive personally identifiable information (PII) of customers has been compromised. Citizens Bank, Truist Bank, and First National Bank have all reported incidents that underscore the ongoing threat posed by cyberattacks and the vulnerabilities within third-party service providers.
In a filing submitted to the Vermont Attorney General’s Office, Citizens Bank disclosed details of a data breach that occurred in the first half of 2024. The bank reported being alerted on July 10 about an incident where images containing personal information were potentially shared with unauthorized individuals between January 10 and June 13 of this year. The information at risk included names, account numbers, Social Security numbers, and other sensitive data, affecting an estimated 100 customers. The incident represents a stark warning about the potential risks associated with unauthorized access to banking systems and data.
Meanwhile, Truist Bank has issued a warning regarding a security incident involving customer data handled by a third-party debt collection agency. According to their notice to the California Attorney General’s Office, the extent of the breach varies among customers, potentially including names, addresses, account numbers, dates of birth, and Social Security numbers. This highlights the persistent threat associated with third-party vendors, where weaknesses can be exploited to gain access to customer data.
First National Bank has also communicated a significant breach affecting 107 customers. The bank reported the installation of physical card skimming devices on two of its ATMs, resulting in the theft of names, card numbers, expiration dates, PINs, and CVV numbers. In some cases, customers have already experienced fraudulent transactions, and the bank is currently processing reimbursements for affected individuals.
These incidents demonstrate the vulnerabilities inherent in handling sensitive data and the increasing sophistication of adversary tactics in the cybersecurity landscape. Potential tactics employed in these breaches resonate with methodologies outlined in the MITRE ATT&CK framework, particularly concerning initial access and persistence. For instance, the skimming devices represent a physical access tactic, while the exposure of sensitive data via third-party services exemplifies risks associated with vendor relationships and supply chain vulnerabilities.
In light of these breaches, business owners should take proactive measures to assess their own cybersecurity protocols, ensuring both their systems and third-party service providers adhere to best practices. Increased vigilance and ongoing monitoring of customer data can help mitigate risks associated with similar incidents.
As the threat landscape continues to evolve, it is critical for businesses to remain informed and prepared. Enhanced cybersecurity awareness and robust incident response strategies can significantly reduce the impact of potential breaches and protect sensitive customer data from falling into the wrong hands.
This series of breaches serves as a cautionary reminder of the importance of vigilance in the face of ever-advancing cyber threats. Business leaders must prioritize the security of their operations to safeguard against potential data compromises now and in the future.
