Cyber Incident Victim: Citizens Bank, N.A.

On or about April 20, 2026, Citizens Bank, N.A. appeared on the Everest gang's dark web ransomware leak site. Samples of sensitive financial data from Texas-based Frost Bank and Citizens Financial Group were posted on the site. The Everest gang stated that it would release the stolen data publicly after a six‑day period. The gang claimed to have obtained approximately 3.4 million records belonging to Citizens Bank. The exposed information included names, home addresses, and account numbers. The article was published on April 22, 2026, by Edelson Lechtzin LLP announcing its investigation.

Individuals who received a data breach notification from Citizens Bank may face an increased risk of identity theft and fraud. Edelson Lechtzin LLP, a national class action law firm with offices in Pennsylvania and California, is investigating data privacy claims arising from the breach. Citizens Financial Group, Inc., the parent company of Citizens Bank, N.A., is headquartered in Providence, Rhode Island. Citizens Bank, N.A. operates in Connecticut, Delaware, Florida, Maryland, Massachusetts, Michigan, New Hampshire, New Jersey, New York, Ohio, Pennsylvania, Rhode Island, Vermont, Virginia, and Washington, DC. In addition to data breach litigation, the firm handles class and collective actions involving securities and investment fraud, federal antitrust violations, ERISA employee benefit plans, wage theft, and consumer fraud.