A coordinated cyberattack targeting fourteen major US financial institutions has compromised the personal and financial data of approximately 45 million customers, making it one of the largest financial data breaches in American history. The attack, which began last Friday and was not discovered until Sunday, was confirmed by the FBI\'s Cyber Division on Tuesday morning.
The FBI confirmed Tuesday that 14 major US banks were hit in a coordinated cyberattack. Photo: Unsplash
The compromised data includes names, Social Security numbers, account numbers, email addresses, phone numbers, and in approximately 8 million cases, encrypted versions of passwords. The FBI said there is no evidence yet that any funds were stolen, but warned that the data could be used for identity theft, phishing attacks, and account takeover attempts.
Which Banks Were Affected
The FBI has not released the full list of affected institutions, but confirmed they include banks operating in all 50 states with a combined customer base representing roughly 14 percent of all US bank account holders. Sources familiar with the investigation told multiple news outlets that at least three of the affected institutions are among the ten largest banks in the United States by assets.
Several banks have begun notifying customers directly via email and text message. If you have not received a notification, it does not necessarily mean your data is safe — the notification process is ongoing and is expected to take up to two weeks to complete.
How to Protect Yourself Right Now
Security experts are recommending that all Americans take the following steps immediately, regardless of whether they have received a notification. First, place a credit freeze with all three major credit bureaus — Equifax, Experian, and TransUnion — which is free and prevents new credit accounts from being opened in your name. Second, change passwords for your bank accounts and any other accounts that use the same password. Third, enable two-factor authentication on all financial accounts. Fourth, monitor your accounts and credit reports closely over the coming weeks for any suspicious activity.
Security experts are urging all Americans to place credit freezes and change passwords immediately. Photo: Unsplash
Who Is Behind the Attack
The FBI said the attack has the hallmarks of a state-sponsored operation but declined to attribute it publicly at this time. Cybersecurity firm CrowdStrike, which has been brought in to assist with the investigation, said the techniques used are consistent with a threat actor it tracks under the name BlackSerpent, which it has previously linked to a foreign government but did not name in its public statement.
Leave a Reply