KeyBank confirmed to the Associated Press that its insurer, Kennesaw, Georgia-based Overby-Seawell, “suffered a cybersecurity incident that compromised data of its corporate clients.” It is unclear how many customers were affected, but those affected were contacted by the bank.
The acquired information includes customers’ names, addresses, mortgage account numbers, and the first eight digits of their nine-digit Social Security numbers. While the breach happened after hackers broke into Overby-Seawell’s computers on July 5, KeyBank said it did not know about the incident until Aug. 4.
“We take this matter very seriously and have notified all affected individuals,” KeyBank said in the letter obtained by the AP. It also encouraged the affected mortgage holder to enroll in free fraud monitoring.
KeyBank operates in 15 states and totes assets near $200 billion.
Overby-Seawell has not made a statement regarding the matter. Its customers are banks, credit unions, property investors, and finance companies.
The bank is cooperating with police to further investigate the breach.