Heritage Financial in Olympia, Wash., disclosed that it detected a cybersecurity incident in early March involving an internal file share server used by employees.
The company said in a regulatory filing that it detected “the exfiltration of files” from the share server that may contain personal data. The bank’s customer accounts, customer systems and operations were not impacted.
Heritage Financial said it immediately initiated its security incident response plan and began deploying measures to stop the unauthorized activity, including taking the affected system offline. The incident did not disrupt the company’s operations.
The company has begun an investigation and hired experienced external advisers, including an independent forensic investigation firm and legal counsel, to assess, contain and remediate the incident. The company notified its banking regulators, law enforcement and cyber insurance carrier.
“While the investigation is ongoing … the company has not determined that the cyber incident is material or that it has had, or is reasonably likely to have, a material impact on the company’s financial condition or results of operations,” the filing said.