The Bank of Canton has confirmed a data breach. The Bank of Canton data breach allegedly targeted at least 9,500 of its valued customers, who may have had their personal information compromised as a result.
According to the notification letters, the Bank of Canton data breach occurred due to a cyber security breach involving one of the bank’s vendors, Fiserv, on or around May 27, 2023. The affected individuals primarily hail from Massachusetts.
Bank of Canton data breach confirmed
Boston 25 News reported the news incident where a spokesperson confirmed the Bank of Canton data breach, which was later notified to the concerned parties as soon as the necessary information was received from Fiserv.
While there is currently no evidence to suggest that any customers have experienced fraudulent activity, the bank is taking proactive steps to safeguard their interests.
To further ensure the security of its customers, the Bank of Canton is offering a complimentary two-year identity protection service. This comprehensive service encompasses credit monitoring, fraud consultation, and identity theft restoration.
Additionally, customers have the option to opt-in for security alerts, providing an extra layer of protection against potential fraudulent charges to their accounts.
The Cyber Express has also reached out to the bank to learn more about this Bank of Canton data breach and if any threat actor is related to the incident. However, at the time of writing this, no official statement or response has been received.
The compromised data in this Bank of Canton data breach was stored in a technical format, albeit unstructured. However, it is important to note that successful parsing and digestion could potentially reveal sensitive information, including customer names and other personal details, as highlighted by a Bank of Canton spokesperson.
Bank of Canton data breach: MOVEit vulnerability involvement
According to Boston 25 News, the Bank of Canton data breach originated from a vulnerability in Fiserv’s MOVEit Managed File Transfer application. This software is widely utilized by companies across the nation and became a target for hackers after the exposure of a critical vulnerability in its security protocol.
Fiserv alerted the Bank of Canton about the potential breach on August 3, 2023. Following a thorough review, the bank subsequently notified its customers on September 22nd.
The Bank of Canton cyberattack is believed to be linked to a ransomware group known as Clop, which exploited a zero-day vulnerability in Progress Software’s MOVEit Transfer enterprise file transfer tool in May 2023.
Although Progress acted swiftly to provide a patch, the breach had already caused extensive damage. Clop’s far-reaching attack affected a multitude of government, public, and business organizations worldwide, including prominent entities like New York City’s public school system and a UK-based HR solutions and payroll company with clients including British Airways and BBC.
In response to the Bank of Canton cyberattack, Fiserv promptly patched the technical vulnerabilities associated with the MOVEit software and undertook remedial actions in line with the software provider’s guidelines.
The Bank of Canton assures its customers that they will maintain their customary vigilance through automated fraud detection and analytical tools already in place.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.