What Happened in the Bank3 Data Breach?
Bank3, a community bank based in Memphis, Tennessee, has disclosed a data breach that exposed sensitive personal and financial information belonging to thousands of its clients. The Bank3 data breach involved unauthorized access to the bank’s computer network. As a result, an unknown actor was able to view and copy information stored within the bank’s systems.
According to notification filings, the unauthorized actor accessed Bank3’s systems at various times between July 25, 2025, and Aug. 7, 2025. Bank3 first noticed suspicious activity within its network on Aug. 20, 2025. In response, the bank moved quickly to secure its systems and began an investigation with help from third-party forensic specialists.
The situation escalated on Oct. 13, 2025, when a ransomware group known as Qilin posted a claim on the dark web. The group alleged it had stolen 149 GB of data from Bank3, describing it as the bank’s entire data set. Qilin claimed the stolen files included personal and financial information for all clients, along with internal financial records belonging to the bank itself.
Following this claim, Bank3 conducted a thorough review of the affected data. This process was necessary to determine which individuals were impacted and exactly what categories of information were compromised. The bank ultimately confirmed the breach on Feb. 4, 2026, and began notifying affected individuals in writing on April 15, 2026.
Who was affected?
The Bank3 data breach affected a total of 11,512 individuals. Because Bank3 is a bank, those affected are most likely current or former customers whose account and personal information was stored in the compromised systems. The breach notification also referenced the bank’s own internal financial data, suggesting employees or business records may have been involved as well.
State-level breakdowns show that 319 residents of Texas, 30 of Indiana, 19 of New Hampshire and 17 of Massachusetts were among those affected. This indicates the breach reached individuals across multiple states, not just those local to Memphis. Because the notification was filed with attorneys general in several states, the true geographic scope may extend even further than the numbers listed above.
What Information Was Potentially Exposed?
The data compromised in this breach covers a wide range of sensitive categories. Because Qilin claimed to have taken the bank’s entire data set, the scope of exposed information is broad and serious. Bank3 confirmed the following types of personal information were involved:
- Full names
- Dates of birth
- Social Security numbers
- Taxpayer identification numbers
- Driver’s license or state identification numbers
- Financial account information
- Payment card information
- Health insurance information
This combination of data creates significant risk for affected individuals. For example, Social Security numbers and taxpayer identification numbers are often the key pieces of information criminals need to open new credit accounts or file fraudulent tax returns in someone else’s name. When paired with dates of birth and driver’s license numbers, identity thieves have nearly everything needed to impersonate a victim convincingly.
In addition, the exposure of financial account and payment card information raises the risk of direct financial fraud, including unauthorized charges or account takeovers. Because health insurance information was also exposed, affected individuals could face medical identity theft, where someone else uses their insurance details to obtain treatment or services. As a result, the consequences of this breach extend well beyond typical financial fraud concerns.
What is the company doing?
Once Bank3 discovered the suspicious activity, it took immediate steps to secure its network. The bank also brought in third-party forensic specialists to investigate the scope of the intrusion. This response allowed Bank3 to determine which systems were accessed and what data was affected.
In addition to securing its systems, Bank3 is notifying all affected individuals in writing. The bank is also offering 12 months of free credit monitoring and identity theft protection services through Cyberscout, a TransUnion company. However, individuals must enroll within 90 days of the date on their notification letter to receive this protection at no cost.
Bank3 has also set up a dedicated phone line for people with questions about the incident. This line operates from 7:00 a.m. to 7:00 p.m. CST, Monday through Friday, excluding major U.S. holidays. Individuals who prefer written correspondence may also contact Bank3 directly at its Memphis office address.
What Should Affected Individuals Do?
Freeze Your Credit and Watch for Fraud Alerts
Given that Social Security numbers and taxpayer identification numbers were exposed, placing a credit freeze is one of the most effective protective steps available. A credit freeze prevents new creditors from accessing your credit file, which stops most attempts to open new accounts in your name. You can contact Equifax, Experian and TransUnion directly to request a freeze.
Alternatively, you may consider placing a fraud alert instead of a full freeze. A fraud alert requires businesses to verify your identity before extending new credit, offering a lighter-touch layer of protection. Either option is free and can be requested through any one of the three major credit bureaus.
Monitor Your Credit Reports and Financial Accounts
Because financial account and payment card details were part of this breach, it’s important to review your bank and credit card statements regularly. Look closely for unauthorized charges, unfamiliar accounts, or suspicious activity. Catching fraud early can significantly limit the financial damage.
In addition, you should request your free credit reports through AnnualCreditReport.com. This allows you to check for new accounts or inquiries you didn’t authorize. Since the breach involved sensitive identifiers like Social Security numbers, ongoing monitoring for at least the next year is a wise precaution.
Take Precautions Against Medical Identity Theft
Because health insurance information was exposed, affected individuals should also watch for signs of medical identity theft. This can include unexpected medical bills, unfamiliar insurance claims, or notices about services you never received. Reviewing your health insurance statements regularly can help catch this type of fraud quickly.
If you notice anything unusual, contact your health insurance provider right away to report the issue. Acting quickly can help prevent fraudulent claims from affecting your coverage or medical records long-term.
Enroll in the Free Credit Monitoring Offered by Bank3
Bank3 is offering 12 months of free credit monitoring and identity theft protection through Cyberscout, a TransUnion company. This service can help detect suspicious activity tied to your personal information before it causes serious harm. Because enrollment must be completed within 90 days of your notification letter, it’s important to sign up as soon as possible.
Taking advantage of this free offer costs nothing and adds another layer of protection. Combined with a credit freeze and personal monitoring efforts, this service can help catch fraudulent activity you might otherwise miss.
Stay Alert for Phishing Attempts and Report Suspected Fraud
Scammers often use real breach events to trick victims into revealing even more personal information. Therefore, be cautious of any emails, phone calls or text messages referencing Bank3 or this breach specifically. Legitimate notifications from Bank3 will never ask you to provide sensitive information over email or phone.
If you notice signs of identity theft or fraud, report it immediately to the Federal Trade Commission at identitytheft.gov. You should also consider filing a report with local law enforcement. Because the exposed data included highly sensitive identifiers, individuals who experience financial harm may also want to speak with a data breach attorney to understand their legal options.
More Information
Official Data Breach Notification Letter (PDF)
Official Data Breach Notification Letter (PDF)
Official State Attorney General Notification
