Western Alliance Bank data breach exposes 21K customers

Western Alliance Bank, a major U.S. banking company is reporting a data breach affecting 21,899 customers. The Arizona-based bank discovered that customer personal information was stolen after a third-party vendor's secure file transfer software was compromised in October 2024.

The specific file transfer software was not named, the timeline indicates that the bank was likely affected by an attack on Cleo's file sharing tools.

The bank's investigation determined that the unauthorized actors acquired files from their systems between October 12, 2024, and October 24, 2024. An analysis of the stolen data, confirmed that the files contained various types of personal information, including:

• Names
• Social Security numbers
• Dates of birth
• Financial account numbers
• Driver's license numbers
• Tax identification numbers
• Passport information (if previously provided to the bank)

Western Alliance is offering affected customers one year of free membership for Experian IdentityWorks Credit 3B identity protection services. The bank claims that they have no evidence to believe that your personal information has been misused for the purpose of committing fraud or identity theft but encourages customers to take advantage of the complimentary credit monitoring.