Heritage Bank Data Breach Exposes Sensitive Customer and Employee Information
On March 2, 2026, Heritage Bank detected unauthorized activity within its network, revealing that an attacker had copied files from an internal employee file share server the previous day. The compromised server contained sensitive personally identifiable information (PII) belonging to both customers and employees.
Exposed data included account numbers, Social Security numbers (or ITINs), dates of birth, and addresses. The breach was discovered following an internal investigation, though the full scope of the incident remains under review.
Shamis & Gentile P.A., a law firm specializing in data breach class actions, is investigating potential legal claims for affected individuals. Those impacted may be eligible for compensation under consumer protection laws. The firm has encouraged individuals who received a breach notice or suspect their data was exposed to explore their legal options.
Source: https://www.claimdepot.com/investigations/heritage-bank-data-breach-2026
Heritage Bank cybersecurity rating report: https://www.rankiteo.com/company/heritage-bank_4
"id": "HER1774196747",
"linkid": "heritage-bank_4",
"type": "Breach",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Financial Services',
'name': 'Heritage Bank',
'type': 'Bank'}],
'customer_advisories': 'Affected individuals encouraged to explore legal '
'options if they received a breach notice or suspect '
'their data was exposed',
'data_breach': {'data_exfiltration': 'Files copied from internal server',
'personally_identifiable_information': ['Account numbers',
'Social Security '
'numbers (or ITINs)',
'Dates of birth',
'Addresses'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personally identifiable '
'information (PII)'},
'date_detected': '2026-03-02',
'description': 'On March 2, 2026, Heritage Bank detected unauthorized '
'activity within its network, revealing that an attacker had '
'copied files from an internal employee file share server the '
'previous day. The compromised server contained sensitive '
'personally identifiable information (PII) belonging to both '
'customers and employees. Exposed data included account '
'numbers, Social Security numbers (or ITINs), dates of birth, '
'and addresses. The breach was discovered following an '
'internal investigation, though the full scope of the incident '
'remains under review.',
'impact': {'data_compromised': 'Personally identifiable information (PII) '
'including account numbers, Social Security '
'numbers (or ITINs), dates of birth, and '
'addresses',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential legal claims under consumer '
'protection laws',
'systems_affected': 'Internal employee file share server'},
'investigation_status': 'Under review',
'references': [{'source': 'Shamis & Gentile P.A.'}],
'regulatory_compliance': {'legal_actions': 'Potential class action '
'investigation'},
'response': {'third_party_assistance': 'Shamis & Gentile P.A. (law firm '
'investigating potential legal '
'claims)'},
'title': 'Heritage Bank Data Breach Exposes Sensitive Customer and Employee '
'Information',
'type': 'Data Breach'}