Cadence Bank Data Breach: $5.25M Settlement for 869,411 Affected
Threat Intelligence

Cadence Bank Data Breach: $5.25M Settlement for 869,411 Affected

Bank Sending Up To $12,500 To Customers Following Major Data Breach That Affected 869,411 People

Cadence Bank will pay $5.25 million to settle claims related to a 2023 data breach affecting 869,411 customers. The breach, stemming from a MOVEit vulnerability, exposed sensitive personal information. Affected customers may be eligible for compensation up to $12,500.

A significant data breach at Cadence Bank has resulted in a $5.25 million settlement to compensate the 869,411 individuals whose sensitive personal information was compromised. The breach, which exploited a vulnerability in the MOVEit file transfer software, highlights the ongoing cybersecurity risks faced by financial institutions and their customers. This article delves into the details of the breach, the settlement agreement, and the impact on affected customers.

Introduction

In a move to address the fallout from a major cybersecurity incident, Cadence Bank, a regional bank with a presence in the South, has agreed to a $5.25 million settlement [ Conclusion - Cadence Bank Data Breach: $5.25M Settlement for 869,411 Affected target="_blank" rel="noopener">Source: ClassAction.org]. This settlement aims to compensate the 869,411 customers whose personal information was exposed during a data breach that occurred in May 2023 [Source: Top Class Actions]. The breach, which stemmed from a vulnerability in the MOVEit file transfer software, underscores the critical importance of robust cybersecurity measures in the financial sector. Affected customers may be eligible to receive up to $12,500 in compensation, depending on the extent of their losses [Source: dailyhodl.com].

Details of the Data Breach

The data breach at Cadence Bank was a consequence of a zero-day vulnerability in the MOVEit file transfer software, a tool used by the bank to manage sensitive customer data. The incident occurred between May 28 and May 31, 2023, when cybercriminals exploited this vulnerability to access and compromise personally identifiable information (PII) [Source: ClassAction.org].

Key Aspects of the Breach:

Cadence Bank notified affected individuals of the breach in September 2023 [Source: ClassAction.org]. The incident was part of a larger wave of attacks exploiting the MOVEit vulnerability, which impacted over 100 organizations [Source: ClassAction.org]. The breach led to a class action lawsuit alleging negligence in the bank's cybersecurity measures [Source: ClassAction.org].

Settlement Agreement

To resolve the class action lawsuit, Cadence Bank agreed to a $5.25 million settlement [Source: ClassAction.org]. This settlement aims to compensate affected customers for their losses and provide them with additional protection against potential identity theft. The preliminary approval for the settlement was granted by U.S. District Judge Allison D. Burroughs on December 19, 2025 [Source: cohenmilstein.com]. The final approval hearing is scheduled for July 9, 2026 [Source: cohenmilstein.com].

Key Terms of the Settlement:

  1. Settlement Amount: The total settlement fund is $5.25 million [Source: ClassAction.org].
  2. Compensation for Ordinary Losses: Affected individuals can claim up to $2,500 for ordinary losses, such as bank fees and lost time (calculated at $25 per hour for 4 hours) [Source: cohenmilstein.com].
  3. Compensation for Extraordinary Losses: Individuals who experienced more significant losses due to the breach may be eligible for up to $10,000 in compensation [Source: cohenmilstein.com].
  4. Credit Monitoring: All class members will receive two years of free credit monitoring services [Source: ClassAction.org].
  5. Non-Admission of Wrongdoing: As part of the settlement, Cadence Bank does not admit any wrongdoing [Source: ClassAction.org].

According to Cohen Milstein, the law firm involved in the case, the settlement agreement is designed to provide immediate and guaranteed relief to affected customers. Tammy Pratt, a plaintiff in the class action lawsuit, stated that "The settlement agreement... is fair, reasonable, and adequate as it provides immediate and guaranteed relief in the face of difficult, extensive, and expensive litigation" [Source: Cohen Milstein].

Impact on Customers

The data breach had a significant impact on the 869,411 Cadence Bank customers whose personal information was compromised. The exposure of sensitive data, such as Social Security numbers, puts these individuals at risk of identity theft and other financial crimes [Source: ClassAction.org].

Potential Risks to Customers:

  • Identity Theft: The exposed PII can be used by criminals to open fraudulent accounts, apply for loans, and commit other forms of identity theft [Source: ClassAction.org].
  • Financial Losses: Victims may incur financial losses due to unauthorized transactions, fraudulent charges, and the costs associated with restoring their credit [Source: ClassAction.org].
  • Emotional Distress: The stress and anxiety associated with being a victim of a data breach can have a significant emotional impact [Source: ClassAction.org].

The settlement provides some relief to affected customers, offering compensation for financial losses and credit monitoring services to help mitigate the risk of future harm. However, it is crucial for individuals to remain vigilant and take proactive steps to protect their personal information. Claims must be filed by June 4, 2026 [Source: ClassAction.org].

Conclusion

The Cadence Bank data breach and subsequent $5.25 million settlement serve as a stark reminder of the ever-present cybersecurity threats facing financial institutions and their customers. The exploitation of the MOVEit vulnerability highlights the importance of robust security measures, including regular software updates, vulnerability assessments, and incident response planning. As the digital landscape continues to evolve, financial institutions must prioritize cybersecurity to protect sensitive customer data and maintain public trust. The settlement offers some compensation and protection to affected customers, but vigilance and proactive security measures remain essential for mitigating the risks associated with data breaches.

Related: Cadence Bank | MOVEit

Sources

  1. Automated Pipeline
  2. $5.25M Cadence Bank data breach class action settlement
  3. $5.25M Cadence Bank Settlement Ends Class Action Lawsuit Over May 2023 Data Breach
  4. Cadence Bank Seeks 1st Nod for $5.25M Data Breach Deal
  5. Bank's $5.2 million data settlement — check if you got the notice
  6. Source: binance.com
  7. Source: dailyhodl.com
  8. Source: longbridge.com

Tags

data breachcybersecuritysettlementMOVEitCadence Bank

Originally published on Bank Sending Up To $12,500 To Customers Following Major Data Breach That Affected 869,411 People

Related Articles

Cadence Bank Data Breach: $5.25M Settlement for 869,411 Affected | Cyber Threat Defense