PNC Financial Services, a major U.S. bank with over 2,200 branches, experienced a cybersecurity breach exposing the personally identifiable information (PII) of hundreds of thousands of individuals. The compromised data included names, addresses, Social Security numbers, and account numbers—highly sensitive details that could enable identity theft, financial fraud, or targeted phishing attacks. The incident was attributed to a cybercriminal hacker who gained unauthorized access to PNC’s systems. Following the breach, law firm Lynch Carpenter, LLP, initiated an investigation into potential legal claims, offering affected customers the opportunity to seek compensation. The breach underscores significant risks to customer trust, regulatory compliance (e.g., potential violations of data protection laws), and financial stability, as exposed PII can be exploited for malicious purposes over extended periods. The scale of the breach and the nature of the stolen data suggest severe operational and reputational consequences for PNC, including possible lawsuits, regulatory fines, and erosion of customer confidence in the bank’s cybersecurity measures.
TPRM report: https://www.rankiteo.com/company/pnc-bank
"id": "pnc3593135092525",
"linkid": "pnc-bank",
"type": "Cyber Attack",
"date": "9/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Hundreds of thousands of '
'individuals',
'industry': 'Financial Services',
'location': 'Pennsylvania, USA (with nationwide '
'operations)',
'name': 'PNC Financial Services',
'size': 'Large (over 2,200 branches)',
'type': 'Bank / Financial Institution'}],
'customer_advisories': 'Potential data breach notifications sent to affected '
"individuals (implied by Lynch Carpenter's "
'investigation form)',
'data_breach': {'data_exfiltration': 'Likely (records accessed by '
'cybercriminal)',
'number_of_records_exposed': 'Hundreds of thousands',
'personally_identifiable_information': ['Names',
'Addresses',
'Social Security '
'numbers',
'Account numbers'],
'sensitivity_of_data': 'High (includes SSNs and account '
'numbers)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)']},
'date_publicly_disclosed': '2025-09-25',
'description': 'PNC Financial Services, a Pennsylvania-based bank with over '
'2,200 branches nationwide, announced a cybersecurity incident '
'impacting the personal information of hundreds of thousands '
'of individuals. A cybercriminal hacker may have accessed '
'records containing personally identifiable information (PII), '
'including names, addresses, Social Security numbers, and '
'account numbers.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive customer data',
'data_compromised': ['Names',
'Addresses',
'Social Security numbers',
'Account numbers'],
'identity_theft_risk': 'High (due to exposure of SSNs and account '
'numbers)',
'legal_liabilities': 'Lynch Carpenter, LLP is investigating claims '
'for potential compensation; class action '
'lawsuit possible',
'payment_information_risk': 'High (account numbers compromised)'},
'investigation_status': 'Under investigation by Lynch Carpenter, LLP for '
'potential legal claims',
'references': [{'date_accessed': '2025-09-25',
'source': 'Globe Newswire Press Release'},
{'source': 'PNC Corporate Profile',
'url': 'https://www.pnc.com/content/dam/pnc-com/pdf/aboutpnc/Fact%20Sheets/CorporateProfile.pdf'},
{'source': 'Lynch Carpenter LLP',
'url': 'https://www.lynchcarpenter.com'}],
'regulatory_compliance': {'legal_actions': 'Potential class action lawsuit '
'(under investigation by Lynch '
'Carpenter, LLP)'},
'response': {'communication_strategy': 'Public disclosure via Globe Newswire; '
'potential notifications to affected '
'individuals (implied by Lynch '
"Carpenter's investigation)"},
'threat_actor': 'Cybercriminal hacker',
'title': 'PNC Financial Services Data Breach',
'type': 'Data Breach'}