The First National Bank of Hughes Springs suffered a cybersecurity incident involving unauthorized access to employee email accounts between June 1, 2021, and June 30, 2021. The breach exposed sensitive personal and financial data of 17,812 individuals, including 3 Maine residents. Compromised information consisted of names, addresses, Social Security numbers, and financial account details, heightening risks of identity theft and financial fraud. In response, the bank offered 12 months of credit monitoring via Experian to affected individuals. The incident was reported to the Maine Office of the Attorney General on February 23, 2022, underscoring the severity of the data exposure and potential long-term repercussions for victims, including fraudulent activity and reputational harm to the institution.
TPRM report: https://www.rankiteo.com/company/herring-bank
"id": "her1014082125",
"linkid": "herring-bank",
"type": "Breach",
"date": "6/2021",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 17812,
'industry': 'Banking/Financial Services',
'location': 'Hughes Springs, Texas (affecting '
'residents in Maine and other regions)',
'name': 'First National Bank of Hughes Springs',
'type': 'Financial Institution (Bank)'},
{'customers_affected': 3,
'location': 'Maine, USA',
'name': 'Maine Residents (3 individuals)',
'type': 'Individuals'}],
'attack_vector': 'Compromised Email Accounts',
'customer_advisories': '12 months of credit monitoring services offered to '
'affected individuals via Experian',
'data_breach': {'data_exfiltration': 'Likely (data accessed by unauthorized '
'parties)',
'file_types_exposed': ['Emails',
'Attachments (likely containing '
'PII/financial data)'],
'number_of_records_exposed': 17812,
'personally_identifiable_information': ['Names',
'Addresses',
'Social Security '
'Numbers'],
'sensitivity_of_data': 'High (includes SSNs and financial '
'account information)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Financial Data']},
'date_publicly_disclosed': '2022-02-23',
'description': 'The Maine Office of the Attorney General reported that First '
'National Bank of Hughes Springs experienced unauthorized '
'access to employee email accounts from June 1, 2021, to June '
'30, 2021, potentially affecting 3 Maine residents and a total '
'of 17,812 individuals. The compromised information includes '
'names, addresses, Social Security numbers, and financial '
'account information. The bank is providing 12 months of '
'credit monitoring services through Experian to those '
'impacted.',
'impact': {'brand_reputation_impact': 'Potential negative impact due to '
'exposure of sensitive customer data',
'data_compromised': ['Names',
'Addresses',
'Social Security Numbers',
'Financial Account Information'],
'identity_theft_risk': 'High (due to exposure of SSNs and '
'financial data)',
'payment_information_risk': 'High (financial account information '
'compromised)',
'systems_affected': ['Employee Email Accounts']},
'initial_access_broker': {'entry_point': 'Employee Email Accounts',
'high_value_targets': ['Customer PII',
'Financial Data']},
'references': [{'date_accessed': '2022-02-23',
'source': 'Maine Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
'Attorney General']},
'response': {'communication_strategy': 'Public disclosure via Maine Office of '
'the Attorney General',
'incident_response_plan_activated': 'Likely (credit monitoring '
'offered suggests structured '
'response)',
'remediation_measures': ['12 months of credit monitoring for '
'affected individuals'],
'third_party_assistance': ['Experian (credit monitoring '
'services)']},
'title': 'Unauthorized Access to Employee Email Accounts at First National '
'Bank of Hughes Springs',
'type': 'Data Breach (Unauthorized Access)'}