Regional US bank discloses breach exposing ~1.2M customer records
A mid-size regional bank confirmed attackers exfiltrated customer PII and partial account data after compromising a third-party file-transfer appliance. Notifications begin this week.
Another managed-file-transfer appliance as the entry point. If you run one, treat it as internet-facing crown jewels: segment it, log every transfer, and assume the vendor patch cadence is slower than the exploit cadence.
The bank says the intrusion was traced to an internet-exposed managed file-transfer (MFT) appliance, a class of software that has been repeatedly targeted because it sits at the edge and handles bulk sensitive data.
Exposed data reportedly includes names, addresses, account numbers and partial financial details. The bank has engaged external IR and is offering credit monitoring.
The pattern here is familiar: edge appliances with broad data access, patched on enterprise timelines, exploited within days of a disclosed bug. Detection should focus on anomalous outbound volume from the appliance and new service accounts.
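One way to express the two detection checks named above, as an added example that is not from the bank, its vendor or the original report. The byte counts, account names, window and threshold are constructed for illustration.

```python
from statistics import median

# Constructed sample data, not taken from the incident.
DAILY_OUTBOUND_BYTES = [  # (day, bytes the appliance sent to external hosts)
    ("day-01", 2_100_000_000), ("day-02", 1_900_000_000), ("day-03", 2_300_000_000),
    ("day-04", 2_000_000_000), ("day-05", 2_200_000_000), ("day-06", 1_800_000_000),
    ("day-07", 2_050_000_000), ("day-08", 48_000_000_000), ("day-09", 2_150_000_000),
]
ACCOUNT_EVENTS = [  # (day, action, account) from the appliance audit log
    ("day-02", "login", "svc-transfer"), ("day-07", "create", "svc-backup2"),
    ("day-08", "login", "svc-backup2"), ("day-09", "login", "ops-admin"),
]
KNOWN_ACCOUNTS = {"svc-transfer", "ops-admin"}  # approved inventory (assumed)


def volume_outliers(series, window=7, threshold=6.0):
    """Flag days whose outbound bytes far exceed the prior `window` days.

    Scores with median and MAD (robust z-score) rather than mean/stddev, so an
    earlier spike still inside the window does not mask a later one.
    """
    flagged = []
    for i in range(window, len(series)):
        history = [sent for _, sent in series[i - window:i]]
        med = median(history)
        mad = median(abs(b - med) for b in history) or 1  # flat history: avoid /0
        day, sent = series[i]
        score = 0.6745 * (sent - med) / mad
        if score > threshold:
            flagged.append((day, sent, round(score, 1)))
    return flagged


def unknown_accounts(events, known):
    """Map each account absent from the inventory to its first (day, action)."""
    first_seen = {}
    for day, action, account in events:
        if account not in known:
            first_seen.setdefault(account, (day, action))
    return first_seen


if __name__ == "__main__":
    for day, sent, score in volume_outliers(DAILY_OUTBOUND_BYTES):
        print(f"ALERT volume {day}: {sent / 1e9:.1f} GB outbound, robust z={score}")
    for acct, (day, action) in unknown_accounts(ACCOUNT_EVENTS, KNOWN_ACCOUNTS).items():
        print(f"ALERT account {acct}: first seen {day} via {action}, not in inventory")
```

In this sample the account alert fires on day-07, one day before the volume alert, which is why the two signals are worth correlating rather than reviewing separately.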