Financial Sector Security Intelligence

Joyal Capital Management, LLC disclosed a data breach on May 29, 2026. The nature of the breach, the date it occurred or was discovered, the number of records affected, and the specific types of data exposed are not detailed in the provided information. The attack vector is also unknown.

KerberRose S.C. disclosed a data breach on May 29, 2026. The nature of the breach, the date it occurred or was discovered, the number of records affected, and the specific types of data exposed are not detailed in the provided information. The attack vector is also unknown.

Educational Employees Credit Union experienced a data breach on December 15, 2025, when an unauthorized individual gained access to an employee email account for a limited period. The credit union discovered the incident on the same day and initiated an investigation with cybersecurity professionals. The investigation concluded on May 8, 2026, determining that certain emails containing personal information may have been accessed or removed. While there is no evidence of financial fraud or identity theft, the credit union is offering two years of complimentary identity monitoring services through Kroll, which include credit monitoring, fraud consultation, and identity theft restoration.

The Industrial Acceptance Corporation disclosed a data breach on May 29, 2026. No further details regarding the date of occurrence, discovery, number of records affected, specific data exposed, or the attack vector were provided in the available information.

Smith & James, CPAs experienced a data security incident where an unknown actor accessed and acquired personal information on or about March 5, 2026. The company became aware of suspicious activity in their email environment on March 9, 2026, and engaged cybersecurity experts to investigate. The investigation confirmed that the exposed data included names, Social Security numbers, dates of birth, medical information, and health insurance information. Smith & James is offering complimentary credit monitoring and identity theft protection services through Cyberscout, a TransUnion company.

Texas Capital disclosed a data breach on April 26, 2026. The company is offering affected individuals a complimentary two-year membership to Experian's IdentityWorks℠ to help protect their identity. This service includes credit monitoring, internet surveillance for dark web activity, identity restoration specialists, and $1 million in identity theft insurance. The notification letter provides instructions for enrollment, including an activation code and a deadline of September 30, 2026. Contact information for Experian is provided for fraud issues and enrollment assistance.

TD Bank U.S. disclosed a data breach on May 26, 2026. The specifics of the breach, including the date it occurred, the number of records affected, the types of data exposed, and the attack vector, were not provided in the available information.

Frost Bank disclosed a data breach on December 6, 2025. Affected individuals are being offered free credit monitoring services through Cyberscout. The notification letter suggests that personal information, potentially including Social Security numbers, account numbers, names, addresses, emails, and phone numbers, may have been exposed. The exact date of the incident and the attack vector are not specified. Affected individuals are advised to enroll in credit monitoring within 90 days and to remain vigilant by reviewing account statements and credit reports.

Boston Capital Holdings LP disclosed a data breach on May 18, 2026. No further details regarding the date of occurrence, discovery, records affected, data exposed, or attack vector were provided in the available information.

The Beacon Mutual Insurance Company disclosed a data breach on May 18, 2026. No further details regarding the date of occurrence, discovery, number of records affected, specific data exposed, or the attack vector were provided in the available information.

Cresset Capital Management disclosed a data breach on April 6, 2026, after identifying suspicious activity within their computer network. The company promptly activated incident response protocols and engaged third-party cybersecurity professionals. While client assets, funds, and accounts were not compromised, personal information including name, contact information, date of birth, Social Security number, driver's license number, passport number, and financial account information was accessed. Cresset is implementing enhanced monitoring and has arranged for affected individuals to receive a complimentary two-year subscription to Experian IdentityWorks.

US Tiger Securities Inc. experienced a cybersecurity incident where files in their virtual back-office environment were encrypted and copied by an unauthorized third party between July 8, 2025, and July 9, 2025. The investigation determined that customer-facing trading operations were not impacted, and no intrusion occurred within the TradeUP production environment. The company is offering a 24-month complimentary subscription to Experian IdentityWorks to affected individuals.

Hawaii Employers Mutual Insurance Company, Inc. disclosed a data breach on May 13, 2026. The specific details regarding the date of the incident, the number of records affected, the types of data exposed, and the attack vector are not provided in the available information.

Accelerate Infrastructure Opportunities LLC disclosed a data breach on May 11, 2026. No further details regarding the date of the incident, the number of records affected, the specific types of data exposed, or the attack vector were provided in the disclosure.

American Lending Center disclosed a data breach on May 11, 2026. The specific details regarding the date of the incident, the number of records affected, the types of data exposed, and the attack vector are not provided in the available information.

Miller Insurance Protection Team disclosed a data breach on May 9, 2026. No further details regarding the date of occurrence, discovery, records affected, data exposed, or attack vector were provided in the available information.

Plaid, Inc. disclosed a data breach on May 9, 2026. Specific details regarding the date of occurrence, discovery, number of records affected, types of data exposed, and the attack vector were not provided in the available information.

Financial Foundations, Inc. disclosed a data breach on May 8, 2026. The nature of the breach, including the date it occurred, the number of records affected, and the specific types of data exposed, has not been detailed in the provided information. The attack vector also remains unknown.

MemberSource Credit Union disclosed a data breach on June 3, 2025. The notification letter provides guidance to affected individuals on how to protect their information, including monitoring accounts and credit reports, reporting suspected fraud, placing fraud alerts, and placing security freezes. The letter details the information required to place a fraud alert or security freeze, which includes full name, Social Security number, date of birth, address history, proof of current address, and government-issued identification. It also provides contact information for the three major credit reporting bureaus: TransUnion, Experian, and Equifax.

First Harvest Federal Credit Union disclosed a data breach on May 6, 2026. The specifics of the breach, including the date it occurred, the date it was discovered, the number of records affected, the types of data exposed, and the attack vector, were not provided in the available information.

A data breach occurred at TransGlobal Insurance Agency, which was disclosed on May 4, 2026. No further details regarding the date of the incident, the number of records affected, the specific types of data exposed, or the attack vector were provided in the available information.

TransGlobal Insurance Agency, Inc. experienced a cyberattack on or around February 18, 2026, which may have resulted in unauthorized access or acquisition of personal information. The incident was discovered on February 24, 2026. The exposed data may include name, address, social security number, driver's license number, and date of birth. The company has launched an investigation, engaged third-party forensic experts, reported the incident to the FBI, and is offering complimentary identity monitoring and fraud consultation services to affected individuals.

Frontwave Credit Union experienced a data breach due to an inadvertent disclosure of non-public information, including names and Social Security Numbers, to another credit union by one of its service providers. The incident was confirmed as isolated, and the receiving credit union has deleted the data. Frontwave is offering 12 months of complimentary Experian IdentityWorks membership to affected individuals.

Information regarding a data breach at Churchill Claims Services, Inc. was disclosed on April 27, 2026. Specific details about the date of the incident, the number of records affected, the types of data exposed, and the attack vector are not provided in the available information.

Information regarding a data breach at U.S. 1031 Exchange Services, Inc. was disclosed on April 23, 2026. Specific details about the date of the breach, the number of records affected, the types of data exposed, and the attack vector are not provided in the available information.

Heritage Bank disclosed a data breach on February 5, 2026. The notification letter provides guidance on steps individuals can take to protect their information, including enrolling in identity monitoring services provided by Cyberscout, a TransUnion company. It also advises monitoring credit reports and accounts, and outlines the rights to place fraud alerts or credit freezes on credit files.

Columbia Bank disclosed a data breach on October 2, 2025, where an unknown, unauthorized third party gained access to certain Columbia Bank applications between October 2, 2025, and December 22, 2025. The investigation determined that personal information, including name, address, driver's license number, and financial account number, was accessed. The bank is offering a one-year membership to Experian IdentityWorks Credit 3B for affected individuals and has enhanced its technical security measures.

Solari Accountancy, Inc. experienced a cybersecurity incident where an unauthorized individual gained access to their tax software system on or about April 8, 2026. While client tax returns were not directly affected, the company cannot guarantee that personal information was not exposed. Solari Accountancy has secured the environment, retained cybersecurity professionals, launched an investigation, and notified law enforcement and relevant tax authorities. Clients are advised to review tax notices, bank activity, and credit reports for suspicious activity.

Georgia Heritage Financial Credit Union experienced a data breach that affected 43,077 records. The exact date of the incident and discovery, as well as the specific types of data exposed and the attack vector, are not specified in the provided information.

Passco Companies, LLC discovered suspicious activity on its systems on August 7, 2025, leading to unauthorized access. An investigation confirmed that limited information was taken. A subsequent review identified that personal information, including name and Social Security number, pertaining to certain individuals was involved. The company began notifying affected individuals, including one Maine resident, on April 17, 2026, and is offering 12 months of free credit monitoring services through Experian.