In September 2025, PNC Financial Services suffered a data breach exposing sensitive personally identifiable information (PII) of customers. The breach involved unauthorized disclosure of names, addresses, account numbers, Social Security numbers, emails, phone numbers, and account types to another client and potentially to a threat actor on the dark web. A dark web posting by 'Market Exchange' claimed to sell 740,000 stolen records, though PNC has not confirmed the total number of affected customers. The breach was disclosed to regulators, and impacted individuals were notified via mail. The incident poses risks of identity theft, financial fraud, and reputational harm, with PNC offering credit monitoring services to mitigate fallout. Legal firms are investigating potential compensation claims for affected parties.
Source: https://www.claimdepot.com/investigations/pnc-bank-data-breach-2025
TPRM report: https://www.rankiteo.com/company/pnc-bank
"id": "pnc2362523091825",
"linkid": "pnc-bank",
"type": "Breach",
"date": "9/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown (740,000 records '
'allegedly sold on dark web; '
'exact number not disclosed by '
'PNC)',
'industry': 'Banking and Financial Services',
'location': 'Pittsburgh, Pennsylvania, USA (HQ); '
'operations in Canada, Germany, UK, China',
'name': 'PNC Financial Services Group',
'size': 'Large (2,200+ branches, $559B assets under '
'management as of June 2025)',
'type': 'Financial Services Corporation'}],
'customer_advisories': ['Review and save notification letters',
'Enroll in free credit monitoring (Experian '
'IdentityWorks)',
'Monitor accounts for suspicious activity',
'Place fraud alerts or credit freezes',
'Request free annual credit reports',
'Seek legal help if affected'],
'data_breach': {'data_exfiltration': 'Yes (alleged sale of 740,000 records on '
'dark web)',
'number_of_records_exposed': '740,000 (alleged by dark web '
'seller; PNC has not confirmed '
'total)',
'personally_identifiable_information': ['Name',
'Address',
'Social Security '
'number',
'Account number(s)',
'Email',
'Phone number',
'Account type'],
'sensitivity_of_data': 'High (includes SSNs, account numbers, '
'and other PII)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Financial Account Information']},
'date_publicly_disclosed': '2025-09-10',
'description': 'PNC Financial Services reported a data breach in September '
'2025 that compromised the personal information of some '
'customers. The breach involved the improper disclosure of '
'personally identifiable information (PII) to another client '
'without authorization. Additionally, a threat actor known as '
"'Market Exchange' claimed to be selling 740,000 records of "
'PNC customer data on the dark web, including names, emails, '
'account types, phone numbers, and other details.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive customer data '
'and dark web sale claims',
'data_compromised': ['Name',
'Address',
'Account number(s)',
'Social Security number',
'Email',
'Phone number',
'Account type'],
'identity_theft_risk': 'High (PII including SSNs exposed)',
'legal_liabilities': 'Potential lawsuits and compensation claims '
'from affected customers'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes (740,000 records '
"allegedly sold by 'Market "
"Exchange' on Tor "
'network)'},
'investigation_status': 'Ongoing (class action investigation by Shamis & '
'Gentile P.A.; PNC has not released full details)',
'motivation': 'Financial gain (data sold on dark web)',
'recommendations': ['Enroll in free Experian IdentityWorks credit monitoring',
'Monitor financial statements for suspicious activity',
'Place a fraud alert on credit reports',
'Request free annual credit reports from major bureaus',
'Seek legal counsel if affected'],
'references': [{'source': 'Shamis & Gentile P.A. (Class Action Investigation '
'Notice)'},
{'source': 'PNC Financial Services Customer Notification '
'(Mail, Sept. 10, 2025)'},
{'source': 'Massachusetts Attorney General’s Office Disclosure '
'(Sept. 16, 2025)'},
{'source': "Dark Web Posting by 'Market Exchange' (Sept. 7, "
'2025)'}],
'regulatory_compliance': {'legal_actions': 'Potential class action lawsuits '
'(investigation by Shamis & '
'Gentile P.A.)',
'regulatory_notifications': ['Massachusetts '
'Attorney General’s '
'office (notified '
'Sept. 16, 2025)']},
'response': {'communication_strategy': ['Mail notifications to affected '
'customers (sent starting Sept. 10, '
'2025)',
'Disclosure to Massachusetts Attorney '
'General’s office (Sept. 16, 2025)',
'Public advisory via Shamis & Gentile '
'P.A. (class action investigation)'],
'incident_response_plan_activated': 'Yes (customer notifications '
'initiated)',
'remediation_measures': ['Free credit monitoring (Experian '
'IdentityWorks) offered to affected '
'customers',
'Customer notifications via mail'],
'third_party_assistance': 'Experian IdentityWorks (credit '
'monitoring services offered to '
'affected customers)'},
'threat_actor': 'Market Exchange (alleged dark web seller)',
'title': 'PNC Financial Services Data Breach (2025)',
'type': 'Data Breach'}