Sunflower Bank reports MOVEit vulnerability data breach

Sunflower Bank reported a data breach they were impacted by a data breach caused by the vulnerability in MOVEit file transfer program that allowed hackers to access confidential customer information.

The investigation suggests that an unauthorized party managed to download files from Sunflower Bank's MOVEit server before the bank was alerted to the vulnerability. The bank is currently reviewing all potentially impacted files as part of the ongoing investigation.

If customer or employee data is confirmed to be compromised, it will send out data breach notification letters to all affected individuals.

Customers who provided their information to Sunflower Bank may be affected as the bank used MOVEit to transfer confidential data. The breach did not involve Sunflower Bank's computer system directly, but the use of MOVEit raised concerns about data exposure.

Around May 31, 2023, Progress Software, the developer of MOVEit, notified Sunflower Bank about the critical vulnerability. In response, the bank immediately secured its computer systems, installed patches to address the vulnerability, and launched an investigation with the assistance of a third-party forensics firm.