Bluestone Bank Reports Data Breach Affecting 7,605 Customers

Bluestone Bank, a US-based financial institution, has notified 7,605 customers about a data breach resulting from an administrative error. The incident, which took place on February 28, 2024, involved the unintended disclosure of sensitive personal information, including names, addresses, social security numbers, and account details, to an unauthorized recipient. The bank, based in Bridgewater, Massachusetts, has taken immediate steps to address the issue and reinforce its data handling procedures.

The bank has confirmed that the individual who received the information has signed a Certificate of Destruction, ensuring that all data was promptly and securely destroyed. Additionally, Bluestone Bank has mandated retraining for staff on the appropriate management of customer data and enhanced its existing protocols and controls to prevent similar incidents in the future. The bank is also offering its customers a complimentary membership to an identity-monitoring service for one and a half years to prevent possible misuse of personal information. Customers also have the option to close and reopen their bank accounts as an additional safety precaution.

Bluestone Bank's proactive response to the data breach underscores its commitment to customer information security. By taking immediate action to reinforce data handling procedures and offering identity-monitoring services, the bank aims to minimize the risk of potential harm to its customers. The incident highlights the importance of stringent data security management mechanisms in protecting customer information. As of November 2024, Bluestone Bank had $1.5 billion in total assets, reflecting its significant presence in the banking sector.