Recently, First Merchants Bank (“FMB”) posted a notice on its website explaining that a data breach at one of its vendors resulted in certain FMB customers’ sensitive information being compromised. In this notice, FMB explains that the incident involved its vendor’s use of the MOVEit file transfer software, resulting in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, telephone numbers, addresses, email addresses, dates of birth, mother’s maiden names; online/mobile banking usernames, and financial account information, including account and routing numbers.

If you receive a data breach notification discussing the First Merchants Bank / MOVEit data breach, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the First Merchants Bank data breach. For more information, please see our recent piece on the topic here.

What Caused the Data Breach Affecting First Merchants Bank Customers?

The First Merchants Bank data breach was only recently announced, and more information is expected in the near future. However, FMB’s notice entitled “NOTICE OF MOVEIT DATA INCIDENT” provides some background.

According to this source, FMB uses several vendors to manage the company’s technology and customers’ banking experience. Recently, one of FMB’s vendors informed the company that the file transfer service it used, called MOVEit, was found to contain a vulnerability. This vulnerability allowed hackers to access information stored within the software.

On June 21, 2023, FMB’s vendor confirmed that certain data belonging to FMB customers may have been copied without authorization from its MOVEit system between May 28 and May 30, 2023.

After learning that sensitive consumer data was accessible to an unauthorized party, First Merchants Bank reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, telephone number, address, email address, date of birth, mother’s maiden name, online/mobile banking username, and financial account information, including account and routing numbers.

More recently, First Merchants Bank posted notice of the incident on its website. At this point, it is not clear whether FMB or the vendor that experienced the breach will be sending out data breach letters. Whichever company issues these letters, they will provide victims with a list of which information of theirs was compromised.

More Information About First Merchants Bank

Founded in 1893, First Merchants Bank is a financial institution based out of Muncie, Indiana. FMB provides a range of banking-related services, including personal banking, business banking, mortgage lending, treasury management services, and wealth management services. FMB operates dozens of locations in Indiana, Michigan, Illinois, and Ohio. First Merchants Bank employs more than 1,821 people and generates approximately $523 million in annual revenue.