Phoenix-based business bank Western Alliance has informed its customers about a data breach resulting from a zero-day vulnerability in third-party file transfer software.
The breach was uncovered in January when hackers leaked stolen records online. While Western Alliance has not disclosed the specific software involved, it was one of several organizations identified by the Clop ransomware gang in October. This group claimed responsibility for exploiting a vulnerability in the Cleo file sharing tool.
The incident involved the exfiltration of personal information from nearly 22,000 customers, including names, Social Security numbers, dates of birth, financial account numbers, driver’s license details, tax identification numbers, and/or passport information. This data was transferred through the affected file transfer software between October 12-24, 2024, just before the bank received a warning to patch its systems due to the newly discovered vulnerability.
In an SEC filing, Western Alliance stated, “The Company will work with clients who may have been impacted and will make appropriate notifications to affected individuals. Although the Company continues to investigate and has not determined the full impact of this incident, at this time the incident has not had a material impact on the Company’s business or operations.”