450k 1st Source Bank Customers Lost Personal Data in a Breach
Table of Contents
- By Steven
- Published: Jul 28, 2023
- Last Updated: Jul 31, 2023
1st Source Bank is a major financial institution located in Indiana and Michigan. The bank is headquartered in South Bend, Indiana, but there are 81 branches in the two states. Between these branches, there is a large number of employees and hundreds of thousands of customers. Many of those customers lost their personal data thanks to a recent breach.
How Did the Attack Occur?
The 1st Source Bank data breach occurred in the same way as all the other MOVEit breaches. The hackers used the transfer software's vulnerability to access an information database and took all the data available. The data was stored and leveraged in an effort to make the victim companies pay a ransom. Once 1st Source Bank knew about the breach, it took steps to protect its consumer data, but by then, it was too late, and it was already stolen. This MOVEit data breach occurred around the same time as all the other breaches, meaning the attack was near the end of May or the beginning of June. More than 130 companies lost significant data to this vulnerability, and 1st Source Bank is on that list of victim companies now.
What Information Was Viewed or Stolen?
The consumers that were hit by this data breach lost a significant amount of personal data to the hackers. Information like first and last names, birth dates, home addresses, Social Security numbers, Driver's License numbers, and State IDs was lost. The data stolen could be used for identity theft attacks, and it's something users must protect themselves against. It's unlikely that the information stolen for each victim is the same, but of the 450,000 consumers thought to be involved, many likely lost harmful personal data to the attack.
How Did 1st Source Bank Admit to the Breach?
The bank filed a notice with the Maine Attorney General's office on July 14, 2023. The notice explains what information was stolen in the breach as well as how many individuals were influenced by this attack. The breach is also being covered by several different news outlets.
What Will Become of the Stolen Information?
The hackers that are stealing data via the MOVEit vulnerability are demanding ransom payments to stop them from spreading the data on the internet. These individuals will likely spread some of the data and sell the rest. Some of the hackers will also leverage the information in attacks in an effort to steal more accounts, access confidential files and get something of value.
What Should Affected Parties Do in the Aftermath of the Breach?
If you receive a notice from 1st Source Bank explaining your data is involved in the data breach, you must protect yourself. Claim the free credit monitoring service being offered to everyone involved for 12 months of protection. You should also monitor any financial accounts you believe may be involved and carefully avoid providing information that may be requested in phishing attacks. If you do all those things, you'll be less likely to get attacked or harmed by the breach.