Lake Shore Bancorp in Dunkirk, N.Y., disclosed that someone gained unauthorized access to data in its internal systems.
The $714 million-asset company said in a regulatory filing that its bank experienced a data security incident in November that barred employees from accessing internal systems and data for “a limited period of time.”
The bank immediately launched an investigation and hired a digital forensics firm to help determine the scope of the incident and identify potentially impacted data. Lake Shore also notified law enforcement and the Office of the Comptroller of the Currency about the incident.
Lake Shore said it believes its core banking and electronic interfaces, including deposit and loan systems, online/mobile banking systems and ATM systems were unaffected by the event.
Despite no evidence that customers’ personal information was misused, the bank said it notified affected customers and offered identity theft protection services to any impacted individuals.
“The bank has implemented additional safeguards to help ensure the security of its network to reduce the risk of a similar event occurring in the future,” the filing said.