A Major Breach Exposes Sensitive Customer Data
Phoenix-based Western Alliance Bank has confirmed that the personal information of nearly 22,000 individuals was compromised due to a critical vulnerability in third-party file transfer software. The breach, which is part of a larger wave of cyberattacks linked to the Clop ransomware gang, has raised serious concerns about the security of financial institutions relying on third-party vendors for sensitive data handling.
The Breach: What Happened?
According to regulatory filings submitted in Maine and California, the cyberattack targeted a secure file transfer software used by Western Alliance Bank and numerous other organizations. While the notifications do not specify the exact software, the attack aligns with previous Clop ransomware gang exploits, which have targeted vulnerabilities in file transfer tools such as:
- MOVEit (Progress Software)
- GoAnywhere (Fortra’s File Transfer tool)
- Accellion FTA
- Cleo (Suspected in this breach)
Western Alliance Bank confirmed that attackers exploited an unknown vulnerability in this software in October 2024, allowing them to access a portion of the bank’s systems and extract files containing sensitive customer information.
Timeline of the Breach:
⬖ October 12-24, 2024: Attackers accessed and stole data from Western Alliance’s systems.
⬖ October 2024: Clop ransomware group publicly claims responsibility for exploiting Cleo software vulnerabilities.
⬖ January 27, 2025: Western Alliance Bank discovers that hackers had gained access to sensitive data.
⬖ March 2025: The bank discloses the breach and begins notifying affected customers.
What Data Was Stolen?
Western Alliance Bank’s investigation determined that the stolen data includes:
🔹 Names
🔹 Social Security numbers
🔹 Dates of birth (in some cases)
🔹 Financial account numbers
🔹 Driver’s license numbers
🔹 Tax identification numbers
🔹 Passports (in certain cases)
This breach exposes customers to identity theft, financial fraud, and potential phishing scams in the months and years ahead.
Who is Clop? The Cybercriminal Group Behind the Attack
The Clop ransomware gang has been one of the most prolific cybercriminal groups in recent years, targeting large-scale file transfer software vulnerabilities to steal sensitive data from businesses and governments worldwide.
◈ History of Clop’s File Transfer Attacks:
- MOVEit Breach (2023): Stole data from hundreds of organizations, including banks, government agencies, and hospitals.
- GoAnywhere Breach (2023): Exploited a vulnerability in Fortra’s GoAnywhere software, affecting more than 130 companies.
- Accellion FTA Attacks (2021): Data theft affecting major universities, hospitals, and financial firms.
- Cleo Breach (2024-2025): Ongoing campaign affecting banks, legal services, and IT companies.
Other Companies Affected by the Cleo Breach
Western Alliance Bank is just one of many victims in the ongoing cyberattack campaign linked to Cleo vulnerabilities.
🔹 Hewlett Packard Enterprise (HPE): Investigating claims but has not confirmed a data compromise.
🔹 Thomson Reuters (Legal Tracker subsidiary): Confirmed a “small subset” of affected customers and removed the Cleo application from its environment.
🔹 At least 66 other companies initially named in October 2024, with more being added throughout 2025.
Western Alliance Bank’s Response & Next Steps
⬖ The bank has pledged to provide one year of identity protection services to all 21,899 affected individuals.
⬖ Security measures have been updated, though the bank has not disclosed specific actions taken.
⬖ Regulatory filings confirm an ongoing investigation into the full scope of the breach and whether additional customers or financial data may have been impacted.
Despite reporting a net income of $787.7 million in 2024 and holding over $80 billion in assets, Western Alliance Bank is now facing serious reputational and legal risks due to its reliance on third-party software with known security vulnerabilities.
The Bigger Picture: Why Third-Party Software is a Major Cybersecurity Risk
This breach is yet another example of how financial institutions, IT giants, and government agencies are increasingly vulnerable to third-party software exploits.
🔹 Why is this happening?
- Many organizations do not have direct control over third-party software security.
- Zero-day vulnerabilities in file transfer software remain undetected for months before they are exploited.
- Financial and healthcare industries store high-value personal data, making them prime targets for cybercriminals.
- Many banks and corporations fail to patch software vulnerabilities before attackers exploit them.
🔹 What Needs to Change?
- Stronger regulatory oversight of third-party security measures.
- Mandatory vulnerability testing before using external software for sensitive data transfers.
- Full transparency from vendors regarding potential risks in their products.
- End-to-end encryption and multi-factor authentication for all customer data storage and transfers.
What Can Affected Customers Do?
If you are one of the 21,899 people impacted by this breach, here’s what you should do immediately:
🔹 Monitor your financial accounts. Look for unauthorized transactions and report any suspicious activity to your bank.
🔹 Sign up for the identity protection services offered by Western Alliance Bank.
🔹 Watch out for phishing emails and scams. Cybercriminals may try to impersonate the bank or government agencies.
🔹 Consider freezing your credit to prevent identity thieves from opening accounts in your name.
🔹 Change your passwords and enable two-factor authentication on all banking and financial accounts.
Final Thoughts: The Cybersecurity Wake-Up Call
Western Alliance Bank’s failure to protect sensitive customer data highlights a growing crisis in cybersecurity—one that extends far beyond a single financial institution.
🔸 The reality is this: If your data is being transferred or stored by a third party, it is not truly secure. The Clop ransomware gang and other cybercriminal organizations continue to exploit weak points in corporate and government cybersecurity, leading to billions of dollars in losses and irreparable reputational damage.
🔹 For customers, the best protection is proactive vigilance.
🔹 For businesses, cybersecurity must be prioritized as a core operational requirement—not an afterthought.
🔹 For policymakers, stricter security regulations are no longer optional—they are necessary.
As more organizations come forward confirming their exposure to the Cleo breach, the question remains: How many more companies will be next?
Help us bring real change! Corporate lobbying has corrupted our system for too long, and it’s time to take action. Please sign and share this petition—your support is crucial in restoring accountability to our government. Every signature counts! Thank you!
https://www.ipetitions.com/petition/restore-our-republic-end-lobbying
Support truth, health, and preparedness by shopping the Alex Jones Store through our link. Every purchase helps sustain independent voices and earns us a 10% share to fuel our mission. Shop now and make a difference!
https://thealexjonesstore.com?sca_ref=7730615.EU54Mw6oyLATer7a
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
