On August 11, 2023, Fidelity National Information Services, Inc. (“FIS Global”) filed a notice of data breach with the Attorney General of Maine after discovering that a vulnerability in the MOVEit file transfer program used by FIS Global compromised consumer information. Based on the available information, an unauthorized party was able to access consumers’ sensitive information, which includes their names and Social Security numbers. In the near future, victims affected by the breach should receive data breach notification letters explaining the incident and what data types were affected.

If you received a data breach notification discussing the MOVEit / Fidelity National Information Services, Inc. data breach, it is essential you understand what is at risk and what you can do about it. So far, FIS Global has confirmed that customers of Umpqua Bank, Valley Bank, and Sound Community Bank were affected by this incident. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the Fidelity National Information Services data breach. For more information, please see our recent piece on the topic here.

What Caused the Fidelity National Information Services Breach?

FIS Global is a business that provides certain services to financial institutions. In order to perform these services, FIS Global is given information from banks. This is how FIS Global ended up with consumer information, even though most consumers may not have heard of the company.

The FIS Global data breach was only recently announced, and more information is expected in the near future. However, the filing with the Attorney General of Maine discussing the impact on Umpqua Bank provides some important information on what led up to the breach. According to this source, on May 31, 2023, Progress Software, the company responsible for developing MOVEit, announced a previously unknown vulnerability in the program. In response, FIS Global suspended its use of MOVEit until it installed all available patches to eliminate the vulnerability. FIS Global also launched an investigation into the incident.

On June 21, 2023, FIS Global informed its bank clients that certain files containing confidential consumer information may have been accessed by an unauthorized party. After learning that sensitive consumer data was potentially compromised, Fidelity National Information Services passed on the files to the various banks for their review. While the breached information varies depending on the individual, it may include your name and Social Security number.

In July and August, the banks impacted by the MOVEit / FIS Global data breach began sending out data breach letters to those customers whose information was compromised. These letters should provide victims with a list of what information belonging to them was compromised.

Please note that this incident involved unauthorized access to information in FIS Global’s possession, which occurred due to a vulnerability in MOVEit. There is no indication that hackers were able to access FIS Global’s system. And, at no point were hackers able to access the IT systems of Umpqua Bank, Valley Bank, or Sound Community Bank.

More Information About Fidelity National Information Services, Inc.

Founded in 1968 and based in Jacksonville, Florida, Fidelity National Information Services, Inc. is a company that specializes in credit card and transaction processing for banks. FIS Global serves 220,000 customers around the world, processing more than $40 trillion in transactions each year. Fidelity National Information Services employs more than 69,000 people and generates approximately $14.5 billion in annual revenue.