California International Bank Data Breach Exposes Social Security Numbers

Westminster-based, California International Bank, experienced a data breach involving unauthorized access to an employee email account. The incident took place between Sept. 11, 2024, and Sept. 12, 2024. On Sept. 12, 2024, the bank discovered that an unauthorized individual had gained access to one employee’s email account.

The breach potentially exposed sensitive consumer information, including financial account details and Social Security numbers.

After learning of the incident, the bank launched an investigation with the help of external cybersecurity professionals. Through this process, it was determined that emails within the compromised account may have been accessed or removed by the unauthorized party during the breach window. By Aug. 29, 2025, the bank’s review concluded that the affected emails could have contained personal information belonging to certain individuals.

The breach affected at least four people in Massachusetts, as reported to the Massachusetts Attorney General’s office. The bank also notified the California Attorney General’s office. The compromised data included personally identifiable information (PII) such as financial account numbers and Social Security numbers.

On Sept. 19, 2025, the bank disclsoed the breach to the the California Attorney General and the Massachusetts Attorney General.

California International Bank's response

Upon discovering the unauthorized access, California International Bank secured the affected email account to prevent further intrusion. The bank then initiated a thorough investigation with the assistance of external cybersecurity experts experienced in handling similar incidents. After the investigation, a comprehensive review of the potentially impacted emails was conducted to identify individuals whose information may have been exposed.

As a precaution, the bank is offering complimentary credit monitoring and identity restoration services through Experian IdentityWorks to affected individuals. These services include credit monitoring, identity restoration support, and up to $1 million in identity theft insurance. Enrollment instructions and activation codes have been provided directly to those impacted.

Given that the breach involved access to sensitive financial and personal data, affected individuals are strongly encouraged to:

• Enroll in the offered credit monitoring services
• Place a fraud alert on their credit files with the major credit bureaus
• Consider placing a security freeze on their credit reports
• Regularly review account statements and credit reports for suspicious activity

Further, individuals can obtain a free credit report annually from each of the three major credit bureaus and are advised to remain vigilant for signs of identity theft or financial fraud.