Santander Data Breach Affects Thousands, Exposing Social Security Numbers

On May 10, 2024, Santander Holdings U.S.A., Inc. discovered that an unauthorized party had accessed certain records from a third-party database used by one of the company's affiliates. This breach occurred between late April and early May 2024. The investigation revealed that the compromised records included personal information of approximately 2,945 individuals in Texas and 2,644 in Massachusetts.

The exposed information includes:

• Name of individual
• Social Security Number
• Financial Information (e.g., account number, credit or debit card number)
• Date of Birth

The breach's severity is significant, as it involves sensitive personal and financial information that could potentially be misused for identity theft or fraud. The unauthorized access was facilitated through a vulnerability in the third-party database, underscoring the importance of robust cybersecurity measures.

Santander's Response

Upon learning of the breach, Santander promptly took steps to protect its systems. The company blocked access to the affected system and initiated an investigation to understand the scope of the breach. Additionally, Santander has implemented preventative measures to further safeguard its systems against future incidents.

To assist affected individuals, Santander is offering identity protection and credit monitoring services for two years at no cost through Experian IdentityWorks. This service includes benefits such as credit monitoring, internet surveillance, identity restoration, and $1 million in identity theft insurance.

Steps for Affected Individuals

If you believe you are affected by this data breach, it is crucial to take the following steps to protect your personal information and mitigate potential risks:

1. Enroll in Experian IdentityWorks: Santander has arranged for free identity protection and credit monitoring services for two years. To enroll, visit Experian IdentityWorks and provide your activation code. Ensure you enroll by May 30, 2025.
2. Order Your Free Credit Report: Visit Annual Credit Report or call 1-877-322-8228 to obtain your free credit report from each of the three nationwide consumer reporting agencies. Review your report for any unauthorized accounts or inaccuracies.
3. Place a Fraud Alert: Consider placing a fraud alert on your credit file by contacting any one of the three major consumer reporting agencies:
1. Equifax at 1-800-525-6285
2. Experian at 1-888-397-3742
3. TransUnion at 1-800-680-7289

1. Consider a Security Freeze: A security freeze can prevent potential creditors from accessing your credit file without your consent. Contact each of the three consumer reporting agencies to place a security freeze.
2. Monitor Your Accounts: Regularly review your account statements for any unauthorized transactions. If you detect any suspicious activity, promptly notify your financial institution or payment card company.
3. Report Identity Theft: If you suspect identity theft, report the incident to law enforcement, the Federal Trade Commission (FTC), and your state Attorney General. Visit IdentityTheft.gov for streamlined checklists and sample letters to help guide you through the recovery process.

For more detailed information on the data breach, you can access the disclosures on the Texas Attorney General's website and the Massachusetts Attorney General's website.