More data breaches in three major US banks exposed sensitive customer information, sparking views on the increasing vulnerability of financial institutions to cyber threats against their customer privacy and security.
Notable among the major US banks that experienced data breaches recently are Citizens Bank, Truist Bank, and First National Bank. Hundreds of customers of the three institutions had their personal information exposed. The recent data breaches at three major US banks, Citizens Bank, Truist Bank, and First National Bank, revealed thousands of customers’ sensitive information.
The Citizens Bank Data Breach: Exposure to Sensitive Data for Six Months
Citizens Bank, the 15th-largest lender in the US, said it suffered a data breach, according to a notice filed with the Office of the Vermont Attorney General. The breach was discovered on July 10, 2024, and occurred during the first half of 2024, according to the notice. Images that included customers’ personal information were sent to an unauthorized person from January 10, 2024, up to and including June 13, 2024, the notice stated.
The compromised information consisted of highly sensitive details which would include names, account numbers, and social security numbers, among other personally identifiable information (PII). According to the bank, the breach is a one-off affair, touching less than 100 clients.
Citizens Bank does say it has contained the breach. The incident once again reminds everyone of how dire the situation remains over data security between financial institutions and their customers.
Truist Bank Victim of Third-Party Security Breach
Truist Bank is also one of the nation’s eighth-largest lenders. The data breach was due to a third-party vendor, the bank’s debt collection agency. The breach has possibly leaked the personal information of customers of Truist Bank after a security incident earlier this year. According to a filing with the Office of the Attorney General of California, “the amount of personal information disclosed may vary for different consumers.”
Exposed information includes names, addresses, account numbers, dates of birth, and social security numbers. The bank has declined to comment on the number of affected customers but is currently working with the third-party service provider to identify the full extent of the breach and execute corrective measures.
Immediately, concerns arose about the safety of customers’ information in third-party vendors and third-party service providers with whom most banks associate themselves in transactions.
Case Scenario: First National Bank ATM Skimming Incident
First National Bank told 107 customers of its breach after thieves installed card-skimming devices on two of its ATMs. These card-skimming devices can obtain names, card numbers, card expiration dates, PINs, and card verification value (CVV) numbers before a new customer arrives at an ATM to make a transaction.
Besides collecting customers’ information, they utilized it in making fraudulent transactions on their clients’ cards. This resulted in unauthorized withdrawals from the accounts. The bank tried to allay its customers, citing that the people who had been victimized by the incident were being repaid the amounts of the fraudulent transactions. This is one of the reasons why incidences of card skimming devices are dangerous, and people should keep monitoring their financial transactions closely.
Growing Worries About Data Security in Banks
These three examples underscore an increasingly emerging issue that banks and other banking organizations are facing to protect the information their customers entrust them with. With cyber threats, such as data breaches, ransomware, and phishing, being more penetrating and sophisticated, there is a growing need for banks to continually adapt to provide appropriate defenses.
There is a high risk of identity theft and fraud against customers if personal data containing social security numbers, account information, and other sensitive details are exposed. Additionally, the banks should not only respond promptly to these breaches but also take further measures to avoid such incidents in the future.
Customers must, as soon as possible, check accounts and report such suspicious activities. Financial institutions should strengthen their cybersecurity protocols, working closely with third-party vendors to protect the data.
As data breaches are being witnessed more and more these days, it is imperative to demand AI-driven cybersecurity solutions or real-time monitoring and immediate response against cyber threats. Real-time monitoring, to push demand for AI-driven cybersecurity solutions, will be needed for quick detection of such cyber threats that may cause heavy losses before any kind of damage is done to customer data.