Bank OZK Announces Third-Party Data Breach Stemming from Vendor’s Use of MOVEit

Richard Console, Jr.
Console and Associates, P.C.
Contact
LinkedIn
Facebook
X
Send
Embed

On August 7, 2023, Bank OZK filed a notice of data breach with the Attorney General of Massachusetts after discovering that one of the company’s business partners experienced a data breach related to a vulnerability in MOVEit. In this notice, Bank OZK explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, transaction activity, dates of birth and Trust and Wealth account numbers. Upon completing its investigation, Bank OZK began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from Bank OZK, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the Bank OZK vendor data breach. For more information, please see our recent piece on the topic here.

What Caused the Data Breach Affecting Bank OZK Customers?

The Bank OZK data breach was only recently announced, and more information is expected in the near future. However, Bank OZK’s filing with the Attorney General of Massachusetts provides some important information on what led up to the breach.

According to this source, Bank OZK relies on various business partners or vendors to perform certain services. Recently Bank OZK was informed by one of the company’s business partners about a data security incident involving the popular file transfer software MOVEit. Evidently, unauthorized parties were able to access certain files containing confidential customer information that was stored on the vendor’s MOVEit server.

After learning that sensitive consumer data was accessible to an unauthorized party, Bank OZK reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, transaction activity, date of birth and Trust and Wealth account numbers.

On August 7, 2023, Bank OZK sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

Notably, the Bank OZK vendor data breach did not impact any of the bank’s computer systems, and all compromised information was stored on the vendor’s MOVEit server.

More Information About Bank OZK

Bank OZK is a financial institution located in Little Rock, Arkansas. Bank OZK offers the traditional suite of banking services, including individual and business checking accounts, savings accounts, loans and mortgages. Bank OZK operates over 240 offices in eight states. Bank OZK employs more than 26,000 people and generates approximately $1.2 billion in annual revenue.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.
Console and Associates, P.C.
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide