- US lender, Centennial Bank, is facing class action lawsuits due to a data breach that exposed thousands of customers’ personal identifiable information (PII).
- The data breach occurred in April 2023, but the bank allegedly notified the affected customers a year later.
- The compromised data includes full names, Social Security numbers, dates of birth, driver’s license numbers, bank account numbers and health insurance details.
Centennial Bank is facing legal action over a data breach that exposed thousands of customers’ personal information. The bank is accused of failing to notify affected customers promptly, raising concerns over data security in the financial sector.
Details of the Data Breach
According to Centennial Bank’s website, the data security incident occurred between April 6th-7th of 2023, and the lender completed its review on March 29th. The bank has not released the exact number of customers affected, but a mandatory data breach notification in Washington State shows 3,044 people were affected in that state alone. The incident compromised customers’ sensitive information including full names, Social Security numbers, dates of birth, driver’s license numbers, bank account numbers and health insurance details.
Lawsuits and Allegations
One of the lawsuits alleges that Centennial Bank failed to establish a robust security system to protect its customers. The plaintiffs claim that the bank did not adequately protect their PII and did not encrypt or redact this highly sensitive information. The lawsuit further states that this unencrypted, unredacted PII was compromised due to the bank’s intentional, reckless, negligent and/or careless acts and omissions and its utter failure to protect customers’ sensitive data.
Impact of the Data Breach
Local news site 104.9 The Fox reports that Centennial Bank suffered a massive system-wide shutdown amid the April 2023 incident. Customers were not able to access online banking services or use their cards to withdraw cash or pay for goods and services. At the same time, branches of the billion-dollar lender could not complete withdrawals or take in cash deposits, while auto-deducted bills were rejected. Direct deposit checks for payrolls also witnessed delays.
Conclusion
This incident underscores the importance of robust data security measures in the financial sector. As Centennial Bank faces legal action, other financial institutions must take note and ensure their customer data is protected. This case also highlights the need for prompt communication in the event of a data breach to maintain customer trust.
