HIPAA Times news | Concise, reliable news and insights on HIPAA compliance and regulations

Maryland-based bank faces data breach

Written by Abby Grifno | Nov 14, 2024 2:08:47 AM

Eagle Bank has reported an incident impacting their MasterCard debit card customers.

 

What happened

Eagle Bank, a Bethesda, Maryland-based bank with 12 locations across Virginia, DC, and Maryland, recently faced a data breach. 

The company reported the incident to the Massachusetts state government, as required by law. According to the report, the breach originated from a security intrusion at a United States merchant’s network, not at Eagle Bank itself. However, the breach impacted customers who hold a MasterCard debit card through Eagle Bank. 

The hackers were able to access MasterCard account numbers and other account details for nearly a year. The breach occurred between August 15th, 2023 and May 25th, 2024. Accessed information may have been possessed or exfiltrated by the attackers. 

In response, Eagle Bank is terminating all existing debit cards and issuing members new ones via mail. Current debit cards will no longer work after November 15th, 2024. Customers are advised to destroy their current debit card once they activate the new one. 

 

What was said

Eagle Bank clarified that the breach did not occur within the bank itself: “The event in no way compromised the security in force at Eagle Bank or had any direct impact upon your account records on file at our institution.”

The company advises bank members to pay close attention to their checking account statements over the next 12 to 24 months, in case there are any fraudulent transactions. 

“We apologize for the inconvenience this situation may cause and take this opportunity to once again assure you that your deposit account information on file with our institution has not been compromised,” the bank added.  

 

The big picture

Breaches that originate at third-party vendors are becoming increasingly common. These breaches can be particularly confusing for individuals, who may not know who has access to their banking information. Currently, it’s unclear which merchant may have been at the root of the breach.

Furthermore, it may be troubling to some that the intrusion lasted nearly a year without detection. This extended period means that hackers were able to continuously access data, and it’s possible some bank members faced fraudulent charges before the breach was addressed.

Every company that handles sensitive medical, banking or personal information should prioritize security. 

Paubox offers secure email, protected via encryption. While Paubox is tailored to protect medical information, it’s a solution that can work for any organization that needs to safeguard private and valuable data. 
