A U.S. bank has alerted thousands of customers about a potential compromise of their sensitive information following an “administrative error.” In a recent filing with the Office of the Maine Attorney General, BLUESTONE BANK disclosed that a mishap in late February resulted in the unauthorized disclosure of personal data belonging to 7,605 customers.
According to the Bridgewater, Massachusetts-based bank, confidential customer information was inadvertently sent to an unintended recipient on February 28, 2024. The exposed data included names, addresses, Social Security numbers, and account numbers.
“The personal information that may have been accessed includes the data we have on file for you, such as your name, address, social security number, and account number(s),” the bank stated in its notification.
BLUESTONE BANK has implemented several measures to mitigate the risk of harm to affected customers. “The individual who received the information has signed a Certificate of Destruction, confirming that all information was promptly and securely destroyed and no information was retained,” the bank assured. Additionally, the institution has reinforced its data handling procedures, conducted mandatory retraining, and enhanced its existing protocols to prevent future incidents.
To further safeguard customers, BLUESTONE BANK is offering complimentary access to an identity-monitoring service for 18 months. Customers also have the option to close and reopen their accounts as a precautionary measure.
As of November 2024, BLUESTONE BANK reported total assets of $1.5 billion.
Source: Office of the Maine Attorney General, Bluestone Bank Financial Report