Maryland based Eagle Bank reports merchant data breach affecting Mastercard debit cards

Eagle Bank, a Maryland-based financial institution, is reporting a data security incident affecting their MasterCard debit card customers.

The breach occurred through a security intrusion at an unnamed United States merchant's network, not at Eagle Bank itself. The unauthorized access period occurred between August 15th, 2023, and May 25th, 2024.

Eagle Bank has terminated all existing affected debit cards, is issuing new cards to affected customers, sending new PINs in separate mailings and setting November 15, 2024, as the expiration date for all compromised cards.

Exposed Data:

• MasterCard account numbers
• Account details (specific details not disclosed)

The number of affected customers has not been disclosed by Eagle Bank. The root cause of the breach appears to be a security vulnerability at a third-party merchant's network, though specific details about the nature of the intrusion have not been disclosed.

Update - as of 16th of November 2024, Five more banks - Mainstreet Bank, Savers Bank, The Village Bank, Watertown Savings Bank and Webster Five Cents Savings Bank report potential debit card breaches stemming from a Mastercard merchant's compromised payment platform, with some banks automatically issuing replacement cards while others making them available upon request.

The merchant is not named and number of affected customers is not disclosed.