Summary: Western Alliance Bank is informing around 22,000 individuals that their personal information was compromised due to a vulnerability in a third-party secure file transfer software. The breach occurred in October 2024, and the stolen data includes sensitive information such as Social Security numbers and financial account details. The bank is offering one year of identity protection services to those affected and reported the incident to the Maine Attorney General’s Office.
Affected: Western Alliance Bank
Keypoints:
- Approximately 22,000 individuals’ personal information was stolen from a file transfer tool.
- The attack exploited an unknown vulnerability in the Cleo file transfer software.
- Western Alliance is providing one year of identity protection services to affected individuals.
- The breach was publicly acknowledged after a threat actor posted the stolen information online.
- Cl0p extortion group has exploited vulnerabilities in Cleo products, linking it to numerous data breaches.
Source: https://www.securityweek.com/western-alliance-bank-discloses-data-breach-linked-to-cleo-hack/