Webster Bank Addresses Ransomware Attack
Webster Bank is currently working with Guardian to implement enhanced security measures to safeguard its network, systems, and data, including that of its customers. Furthermore, the bank is reviewing its relationship with Guardian in light of the incident.
HARTFORD, Conn. – Connecticut Attorney General William Tong’s office is currently investigating a data breach involving Webster Bank and Guardian Analytics, a third-party vendor providing fraud protection services to the bank. The breach has impacted 153,754 banking customers in Connecticut. Webster Bank also sent a template letter to the Maine Attorney General’s office, notifying them of the breach.
On April 10, Webster Bank informed Tong’s office of the breach and began mailing notices to the affected residents the same day. According to the investigation, 117,278 customers had their names and account numbers exposed, while 36,476 customers also had their social security numbers exposed.
On January 26, 2023, Webster Bank’s Information Security team discovered that Guardian had suffered a ransomware incident. As a precautionary measure, Webster Bank has decided to provide all affected individuals with 24 months of complimentary credit monitoring and fraud protection services.
The unauthorized access to Guardian’s network began on November 27, 2022, with the threat actors gaining access through a user’s Virtual Private Network (VPN) connection to two domain controllers. The stolen data, which includes names, financial account numbers, and, in some instances, SSNs, was exfiltrated by the threat actors between November 27, 2022, and January 17, 2023.
In late January, the Daixin ransomware group began posting stolen data. Later, around February 10, 2023, the Lockbit ransomware gang also began posting stolen data. Guardian has not provided an explanation of how two threat actors came to possess the stolen data and confirmed that they did not pay a ransom.
Webster Bank is currently working with Guardian to implement enhanced security measures to safeguard its network, systems, and data, including that of its customers. Furthermore, the bank is reviewing its relationship with Guardian in light of the incident.
Guardian informed Webster that law enforcement has been notified and is cooperating with the ongoing investigation. Webster Bank began notifying affected individuals on April 10, 2023, and is working to notify any other financial institutions with customers impacted by the incident.
