On July 20, 2023, Pacific Premier Bank filed documents with the Securities and Exchange Commission describing a third-party data breach involving a vendor’s use of MOVEit, a popular file sharing application. In this notice, Pacific Premier explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, account numbers, and other personally identifiable information. Once the investigation is complete, Pacific Premier and its vendor will begin sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from Pacific Premier Bank, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the Pacific Premier Bank vendor data breach. For more information, please see our recent piece on the topic here.

What Caused the Data Breach Affecting Pacific Premier Bank Customers?

The Pacific Premier Bank data breach was only recently announced, and more information is expected in the near future. However, Pacific Premier’s filing with the Securities and Exchange Commission provides some important information on what led up to the breach. Pacific Premier also posted a “MOVEit Cyber Incident Update” on its website.

According to these sources, Pacific Premier relies on the services of various third-party vendors. On July 20, 2023, a vendor of Pacific Premier notified the bank of a data security incident affecting Pacific Premier customers’ confidential information.

Evidently, the vendor used MOVEit, a file sharing tool that was recently discovered to contain a critical vulnerability. This vulnerability allowed hackers to access information stored on MOVEit servers, including the vendor’s.

Upon hearing about the MOVEit vulnerability, Pacific Premier’s vendor launched an investigation, confirming that an unauthorized party was able to access Pacific Premier customer data in the vendor’s possession.

After learning that sensitive consumer data was accessible to an unauthorized party, Pacific Premier Bank and its vendor worked together to identify what information was leaked and which customers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, account numbers, and other personally identifiable information.

On July 20, 2023, Pacific Premier Bank indicated that it is working with its vendor to provide notice of the breach to all affected parties. Note that the recent MOVEit data breach did not affect the core IT systems of Pacific Premier Bank, and the leaked data was limited to what was contained on the vendor’s MOVEit server.

More Information About Pacific Premier Bank

Founded in 1983, Pacific Premier Bank is a financial institution based in Irvine, California. Pacific Premier Bank offers retail and institutional customers the traditional suite of banking products through a large network of branches covering the following California counties: Los Angeles, Orange, Riverside, San Bernardino, San Diego, Santa Barbara, and San Luis Obispo. The bank also operates branches in Washington, Arizona and Nevada. Pacific Premier Bank employs more than 1,430 people and generates approximately $762 million in annual revenue.