Western Alliance Bank has reported a significant data breach affecting nearly 22,000 customers whose sensitive information was accessed due to a zero-day vulnerability in a third-party file-transfer tool. The breach occurred between October 12 and 24 of last year, but the bank only became aware of it in January. The attackers accessed critical personal data, including social security numbers and account details. The incident is linked to the Cl0p ransomware group, which targeted various companies using the Cleo file transfer vulnerability. Subsequent patches by Cleo failed to fully address the issues, leading to ongoing risks.
Western Alliance Bank disclosed that nearly 22,000 customers' accounts were compromised due to a zero-day vulnerability in a third-party file-transfer tool.
Hackers accessed sensitive customer data, including social security numbers and bank account details, and the breach occurred between October 12 and 24 last year.
The incident involved attacks exploiting the Cleo file transfer vulnerability, which was previously warned about, with subsequent patches failing to fully resolve the issue.
Clop ransomware group claimed responsibility, providing companies a tight window to negotiate ransom before data exposure.
Collection
[
|
...
]