2023-07-14 FIRSTSUN CAPITAL BANCORP Cybersecurity Incident

Page last updated on April 11, 2024

FIRSTSUN CAPITAL BANCORP initially disclosed a cybersecurity incident in an SEC 8-K filing on 2023-07-14 14:29:49 EDT.

Incident Details

Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date:
Detected Date:
Disclosure Date: 2023-07-14
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2023-07-14

FIRSTSUN CAPITAL BANCORP filed an 8-K at 2023-07-14 14:29:49 EDT
Accession Number: 0001709442-23-000014

Item 8.01 Other Events.

On or about May 31, 2023, software provider, Progress Software Corporation, notified FirstSun Capital Bancorp’s wholly-owned subsidiary, Sunflower Bank, N.A. (the “Bank”) of a zero-day vulnerability in Progress Software’s managed file transfer software MOVEit. Like thousands of other organizations, across many industries, around the world, the Bank utilizes MOVEit for securely transferring sensitive and confidential information and other data, including for its First National 1870 and Guardian Mortgage divisions. The MOVEit software is not part of the Bank’s core processing systems. Instead, the software operates with an on-premises server that is segmented from the Bank’s other IT systems.

Upon receiving notice from MOVEit, the Bank promptly enacted response protocols to address the MOVEit vulnerability and protect the Bank’s data. In addition, a third-party forensic expert was retained, and a comprehensive investigation was launched to determine the nature and scope of the incident.

Since receiving notice of the situation, the Bank has been in regular contact with Progress Software and has implemented all fixes to the software that Progress Software has issued. However, before Progress Software notified the Bank of the vulnerability, we believe that an unauthorized party likely took advantage of the flaw in the MOVEit software and downloaded copies of files from the on-premises server that housed the MOVEit software that contained personally identifiable information. The Bank is working to identify any potentially affected data files. The Bank is also in the process of directly notifying any likely impacted parties based on the findings of the investigation.

We reiterate that the Bank’s core processing systems operate independently from the MOVEit software dedicated server and were not impacted by this matter. There has been no material interruption to the Bank’s business operations as a result of this incident.

The Bank has incurred, and may continue to incur, certain expenses related to this MOVEit incident, including expenses to respond to, remediate and investigate this matter. Further, the Bank remains subject to risks and uncertainties as a result of this incident, including as a result of the data that was accessed. Additionally, these security and privacy incidents have led to, and may continue to lead to, litigation and additional regulatory scrutiny. The Bank is in the process of evaluating the full scope of the costs and impact of the MOVEit incident.

Company Information