American-based Fifth Third bank has received a lot of criticism for a cryptic breach disclosure letter that was sent to its customers. The letter reportedly contained vague and deceptive language, according to recipients. The company wrote to its customers after discovering a breach in which at least two of its employees stole customer information and provided it to a third party.
The data exposed potentially included SSN, addresses, phone numbers, dates of birth, account numbers, mothers’ maiden names, and driver’s license information. The thefts started in the summer of 2018, and all responsible individuals have since been terminated. However, it has not been confirmed if the data was ever sold on the dark web. The bank also has not specified how many users were impacted by the incident, only stating that they had notified those who were.
Read More: US Bank Slammed for “Vague and Deceptive” Breach Disclosure