CBB Bank Data Breach Exposes Names, Jan-Feb 2025

On Feb. 6, 2025, Commonwealth Business Bank (CBB Bank) discovered suspicious activity on certain systems within its network. An investigation determined that unauthorized access had occurred between Jan. 25, 2025, and Feb. 8, 2025. During this period, files and folders within the bank’s environment were viewed or potentially acquired by unauthorized parties.

The number of impacted individuals has not been released but may include thousands of account holders. Compromised information may include names, addresses, contact information, dates of birth, Social Security numbers, account numbers and other financial information.

The breach was reported to the California Attorney General’s office on Aug. 13, 2025. CBB bank is notifying affected individuals by mail. This type of breach, with the combination and personal and financial data exposed, is considered severe.

Commonwealth Business Bank's response

CBB Bank immediately secured its systems and launched an investigation with the assistance of cybersecurity experts. In addition to required state and federal disclosures, the bank is offering free Experian IdentityWorks credit monitoring services to impacted individuals.

If you receive a notice from Commonwealth Business Bank about this breach, you may want to:

• Enroll in the free Experian IdentityWorks credit monitoring services offered by CBB Bank.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

More information about the bank can be found on the Commonwealth Business Bank website.