On August 14, 2024, the Maine Attorney General's Office disclosed a data breach affecting TD Bank N.A., occurring between September 11, 2023, and March 2024. The incident involved unauthorized access to personal information of two residents, exposing sensitive details such as names, addresses, Social Security numbers, and debit card information. The breach posed a direct risk of identity theft, prompting the bank to offer identity theft protection services to the impacted individuals. While the scale of the breach was limited to two individuals, the exposure of financial and personally identifiable information (PII)—particularly Social Security numbers—heightens the potential for fraudulent activity, including unauthorized transactions or account takeovers. The bank has not disclosed the exact method of the breach (e.g., phishing, insider threat, or system vulnerability), but the compromise of debit card details suggests a targeted attack aimed at financial exploitation. The incident underscores vulnerabilities in customer data protection, though no ransomware or large-scale systemic disruption was reported. The bank’s response included mitigative measures, but the breach highlights ongoing risks in financial sector cybersecurity.
TPRM report: https://www.rankiteo.com/company/td-waterhouse-bank-na
"id": "td-025090625",
"linkid": "td-waterhouse-bank-na",
"type": "Breach",
"date": "9/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 2,
'industry': 'Banking',
'location': 'United States (Maine residents affected)',
'name': 'TD Bank N.A.',
'type': 'Financial Institution'}],
'customer_advisories': 'Identity theft protection services offered to '
'affected individuals',
'data_breach': {'number_of_records_exposed': 2,
'personally_identifiable_information': ['names',
'addresses',
'social security '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Identifiable '
'Information (PII)',
'Financial Data']},
'date_publicly_disclosed': '2024-08-14',
'description': "The Maine Attorney General's Office reported a data breach "
'involving TD Bank N.A., where improper access to personal '
'information of 2 residents occurred between September 11, '
'2023, and March 2024. Compromised data included names, '
'addresses, social security numbers, and debit card details. '
'Identity theft protection services were offered to the '
'affected individuals.',
'impact': {'data_compromised': ['names',
'addresses',
'social security numbers',
'debit card details'],
'identity_theft_risk': 'High (identity theft protection services '
'offered)',
'payment_information_risk': 'High (debit card details exposed)'},
'references': [{'date_accessed': '2024-08-14',
'source': "Maine Attorney General's Office"}],
'regulatory_compliance': {'regulatory_notifications': 'Maine Attorney '
"General's Office"},
'response': {'remediation_measures': 'Identity theft protection services '
'offered to affected individuals'},
'title': 'TD Bank N.A. Data Breach (2023-2024)',
'type': 'Data Breach'}