2023-07-05 FIRST MERCHANTS CORP Cybersecurity Incident

Page last updated on April 11, 2024

FIRST MERCHANTS CORP initially disclosed a cybersecurity incident in an SEC 8-K filing on 2023-07-05 08:00:18 EDT.

Incident Details

Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date:
Detected Date:
Disclosure Date: 2023-07-05
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2023-07-05

FIRST MERCHANTS CORP filed an 8-K at 2023-07-05 08:00:18 EDT
Accession Number: 0000712534-23-000152

Item 8.01 Other Events.

First Merchants Bank (the “Bank”), a wholly-owned subsidiary of First Merchants Corporation (“First Merchants”), has received written notice that certain of its customer data was potentially included in the global incident involving Progress Software (MOVEit Transfer). The incident did not involve the Bank’s internal network or IT systems, but was rather related to a third party prominent financial institution vendor who utilized MOVEit Transfer in its service offering to the Bank. Based on the investigation to date, the Bank’s customers who use online and mobile banking could have had personal information copied through the cyberattack. The vendor confirmed that they implemented the recommended patches released by Progress Software for the MOVEit platform to date. The Bank worked with the vendor to determine the potentially impacted customers and the extent of information potentially exposed and the Bank is notifying potentially affected customers appropriately with the first such notice being on or about July 5, 2023. The incident did not impact the ongoing operations of the Bank and the Bank carries cyber insurance which it expects to cover many of the costs related to the incident.

Company Information