7/15/2021 1:33:00 PM Customers' data potentially viewed by unauthorized person, Bank of Oak Ridge says
by CHRIS BURRITT
OAK RIDGE - Bank of Oak Ridge recently informed some of its customers that their names, social security numbers and dates of birth may have been viewed by an unauthorized user on the bank's computer systems in April.
As part of its investigation of the incident, the bank told potentially impacted customers in a letter last week that "we learned that an unauthorized actor accessed our systems and may have viewed historical data containing certain customer data between April 26 and April 27, 2021."
The potentially impacted files contained "historical data only and related to certain accounts opened on or before Sept. 30, 2009," the letter stated. The bank told customers it wasn't aware of "any misuse of your information as a result of this incident."
Bank spokeswoman Skylar Mearing reiterated in an interview earlier this week that there's no evidence that customers' information has been misused. As a result, the bank doesn't consider that information was breached because there's no indication of theft, she said.
"We are providing this notice out of an abundance of caution," the letter said.
Mearing said the bank mailed the letter only to potentially affected customers. Citing the confidentiality of the bank's information, she declined to disclose the number of customers to whom the bank mailed letters.
Potentially affected customers were told they could sign up for 12 months of complimentary identity monitoring services, and the bank will also offer them "guidance on how to better protect your information."
The bank said it notified federal law enforcement officials and banking regulators while taking "steps to further enhance and monitor the security of our systems."
State regulators can't release information about the incident submitted by Bank of Oak Ridge to the public, said Sally-Ann Gupta, spokesperson for the North Carolina Office of the Commissioner of Banks in Raleigh.
Citing state laws, Gupta said in an email earlier this week that records related to the incident "are confidential supervisory information.'