What caused the data breach at Cadence Bank?

Cadence Bank reported a data breach resulting from a vulnerability in the MOVEit file transfer application, which allowed unauthorized access to sensitive consumer data.

When did Cadence Bank become aware of the MOVEit vulnerability?

Cadence Bank identified the previously unknown MOVEit vulnerability on June 1, 2023, and promptly took measures to address it by installing patches provided by Progress Software.

What actions were taken by Cadence Bank after discovering the vulnerability?

After discovering the vulnerability, Cadence Bank took immediate action by installing all available patches provided by Progress Software, reporting the breach to law enforcement, and initiating a thorough investigation with the assistance of third-party data security specialists.

What information was compromised in the data breach?

The compromised data included varying personal information for each affected individual, potentially comprising names, addresses, dates of birth, Social Security numbers, driver’s license numbers, and financial account details.

How did Cadence Bank respond to the breach involving MOVEit?

Cadence Bank responded by reviewing compromised files to determine the extent of the breach and affected consumers, completing this process on August 16, 2023. They then sent out data breach notification letters to impacted individuals on September 15, 2023, providing detailed information about the compromised data belonging to each victim.

Was any personal information compromised from Cadence Bank's computer systems?

No, the incident did not involve a breach of any of Cadence Bank’s computer systems. The compromised data was accessed through the company’s instance of MOVEit.

Incident

Cadence Bank reports MOVEit related data breach

published: Sept. 18, 2023

Learn More

Cadence Bank report a data breach caused by the vulnerability in the MOVEit file transfer application.

On June 1, 2023, Cadence became aware of a previously unidentified vulnerability in MOVEit, a widely used file transfer application at Cadence. In response, Cadence promptly installed all available patches provided by Progress Software to rectify the situation.

Additionally, they reported the breach to law enforcement and engaged third-party data security experts to conduct a comprehensive investigation. On June 18, 2023, Cadence's investigation confirmed the unauthorized access by an external party to confidential data within the MOVEit environment.

The compromised data varied for each individual, potentially including:

name,
address,
date of birth,
Social Security number,
driver’s license number,
financial account details.

No details are available about the number of affected individuals.

While the incident involved information provided to Cadence Bank, it did not stem from a breach of any of Cadence Bank’s computer systems. All compromised data was accessed through the company’s instance of MOVEit.

On September 15, 2023, Cadence Bank commenced the distribution of data breach notification letters to individuals whose data was compromised in this recent security incident. These letters are intended to provide the victims with a detailed list of the specific information belonging to them that was compromised.

Cadence Bank reports MOVEit related data breach

Read More
Libraries managed by Woolhara Council hit by cyberattack, …
EquiLend stock-lending platform down after ransomware attack
CBIZ retiree health plan reports data breach, exposes …
French Crypto Tax Platform Waltio Hit by Shiny …
New American Funding reports third party data breach …