TD Bank has notified the New Hampshire Attorney General’s Office of an insider breach that does not appear to be the insider breach that made the media last month.
According to the bank’s January 24 notification, between July and November of 2013, an employee may have passed along some customers’ names, addresses, Social Security numbers, and deposit account numbers to an unauthorized party outside of TD Bank.
The matter has been referred to law enforcement, and customers were offered two years of free credit-monitoring services.
In the case reported in the media on December 6, a TD Bank teller in New York allegedly stole the identities of bank customers from January 2012 to May 2013. It is not clear to me whether that report is related to another notification TD Bank sent to New Hampshire on December 16, as that notification did not indicate the dates during which the data theft occurred.