Commerce Bancorp confirms data breach

November 13, 2007

By Harold Brubaker

A Commerce Bancorp Inc. employee gave out personal information on an unspecified number of the Cherry Hill bank's customers, a company official said today. "It's a matter that impacting a small number of our three million customers in a relatively small geographic area," Commerce spokesman David Flaherty said.

Commerce, which is the second-biggest bank in the Philadelphia region by deposits, discovered the breach through an internal investigation and sent letters to affected customers. Those letters started arriving Saturday, Flaherty said.

It was not known who received the information.

Overall, Commerce had $46.53 billion in deposits at the end of September at 457 branches from Connecticut to Washington and in southern Florida.

Flaherty said the bank does not know if the information - including account numbers and Social Security numbers - has been misused. "This is done because there is a possibility," he said of the letters to customers.

The bank is investigating the incident internally and is cooperating with law enforcement authorities, he said.

Commerce said it also is offering customers 12 months of credit-monitoring service at the company's expense.

Adam K. Levin, chairman of IdentityTheft911 and former director of the New Jersey Division of Consumer Affairs, said such protection might not be enough. "Identities are like fine wine. They get better with age," as special protections expire.

Data breaches are fairly common.

Since 2005, more than 166 million records have been improperly accessed to the level of Social Security numbers, said Levin, who warned that attacks on data are becoming increasingly sophisticated.

Bill Madway, a visiting professor of marketing at Villanova University, said he thinks Commerce should let the public know what steps it will take to prevent such theft in the future.

main page ATTRITION feedback