Union Bank & Trust Customers Eligible for Up to $12,500 in MOVEit Data Breach Settlement
Union Bank & Trust Co. has agreed to a $2.4 million class action settlement following a data breach that exposed customers' personal information, including Social Security numbers and names, between May 27 and 31, 2023. The breach stemmed from a vulnerability in MOVEit, a file transfer software provider used by the bank, mirroring a similar incident involving Cadence Bank, which settled for $5.2 million.
Affected customers, who were notified by settlement administrators, can file claims for reimbursement under two categories: up to $2,500 for ordinary losses (plus $100 for time spent investigating) and up to $10,000 for documented extraordinary losses, with a combined maximum of $12,510. All eligible class members will also receive two years of three-bureau credit monitoring and identity theft protection.
Union Bank & Trust denies any wrongdoing but opted to settle to avoid further litigation. Claim forms must be submitted by July 21, 2026, with payments distributed after the final approval hearing on August 6. The case highlights the growing legal and financial risks companies face from third-party cybersecurity failures.
Source: https://www.the-sun.com/money/16344758/union-bank-trust-data-breach-class-action-settlement/
moveIT Software cybersecurity rating report: https://www.rankiteo.com/company/moveit-software
"id": "MOV1778524251",
"linkid": "moveit-software",
"type": "Vulnerability",
"date": "5/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Class members (exact number not '
'specified)',
'industry': 'Financial Services',
'name': 'Union Bank & Trust Co.',
'type': 'Bank'}],
'attack_vector': 'Third-party software vulnerability',
'customer_advisories': 'Affected customers notified by settlement '
'administrators',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Social Security numbers',
'Names']},
'date_detected': '2023-05-27',
'description': 'Union Bank & Trust Co. has agreed to a $2.4 million class '
'action settlement following a data breach that exposed '
"customers' personal information, including Social Security "
'numbers and names, between May 27 and 31, 2023. The breach '
'stemmed from a vulnerability in MOVEit, a file transfer '
'software provider used by the bank.',
'impact': {'data_compromised': 'Personal information, including Social '
'Security numbers and names',
'financial_loss': '$2,400,000 (settlement amount)',
'identity_theft_risk': 'High (Social Security numbers exposed)',
'legal_liabilities': 'Class action settlement',
'systems_affected': 'MOVEit file transfer software'},
'investigation_status': 'Settled',
'lessons_learned': 'Growing legal and financial risks companies face from '
'third-party cybersecurity failures',
'post_incident_analysis': {'root_causes': 'Third-party software vulnerability '
'(MOVEit)'},
'references': [{'source': 'Class action settlement notice'}],
'regulatory_compliance': {'legal_actions': 'Class action settlement'},
'response': {'communication_strategy': 'Settlement administrators notified '
'affected customers',
'enhanced_monitoring': 'Two years of three-bureau credit '
'monitoring and identity theft protection '
'for affected customers'},
'title': 'Union Bank & Trust MOVEit Data Breach Settlement',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit file transfer software vulnerability'}