First Merchants in Muncie, Ind., is the latest bank to disclose that customer data was exposed in the global incident involving Progress Software.
The $18.2 billion-asset company said in a regulatory filing that, while the MOVEit transfer incident, did not involve its bank’s internal network or IT systems, customers that use online and mobile banking could have had personal information copied through the cyberattack.
The vendor confirmed that it implemented recommended patches and the bank has worked with the vendor to determine potentially impacted customers and what data may have been exposed.
The incident did not impact the bank’s ongoing operations. First Merchants also said cyber insurance should cover many of the costs tied to the incident.
Umpqua Bank in Tacoma, Wash., and Hilltop Holdings in Dallas have also disclosed exposure to the cyberattack.