Menu
Browse

City National Bank

Primary URL Location Industry
www[.]cnb[.]com
Country United States of America
Financial Services Icon
Financial Services
Profile

City National Bank is a banking institution headquartered in the United States of America. It provides core financial services such as checking and savings accounts, commercial loans, and wealth management products to individual and business customers. As a nationally chartered bank, it operates under the regulatory oversight of federal banking authorities and serves clients across multiple states. The bank’s primary functions include accepting deposits, extending credit, and facilitating payment transactions for its clientele. Its role in the financial ecosystem centers on intermediating funds between savers and borrowers while maintaining compliance with applicable banking laws.

In June 2023, City National Bank was identified as a victim of the Cl0p ransomware gang, which exploited a zero‑day vulnerability in the MOVEit Transfer file‑sharing platform. The bank’s name appeared on the gang’s dark web leak site alongside numerous other organizations from various sectors and countries. This incident was part of a widespread cyber campaign that affected multiple federal agencies and large corporations, resulting in the exfiltration of sensitive data. The attackers threatened to publish the stolen information unless ransom payments were made, placing the bank’s data at risk of public disclosure. Cl0p is known for employing a double‑extortion model, combining data encryption with threats to leak stolen information if demands are not met. The MOVEit Transfer vulnerability allowed unauthorized access to files stored on the platform, enabling attackers to harvest data before detection. The event highlighted the exposure of financial institutions to supply‑chain cyber risks associated with third‑party file‑transfer services. Organizations across sectors were urged to assess their MOVEit instances, apply available mitigations, and monitor for signs of compromise. The incident contributed to increased scrutiny of third‑party file‑sharing solutions and reinforced the need for robust security controls and vigilant monitoring of external software dependencies. The bank’s inclusion in the leak site underscores that even regulated entities are not immune to such sophisticated ransomware threats.

Incidents
Linked incidents available to members
1 incident