Columbia Bank Data Breach Investigation
Columbia Bank was listed on the California Attorney General’s data breach reporting portal on April 17, 2026 in connection with a reported hacking/IT incident. The public filing indicates certain personal information may have been involved, including names, Social Security numbers, driver’s license numbers, and financial account numbers. Some important details, including how many people were affected and when notices were sent, are not publicly available from the materials reviewed here. If you received a notice or are concerned you may be affected, review the steps below and fill out the form on this page to see whether you may qualify for a claim.
Columbia Bank is a financial services company associated with Washington. The limited public record currently available shows a California Attorney General filing relating to a reported cybersecurity incident involving the company. Because detailed information from the official notice was not publicly accessible in the materials reviewed here, the summary below is based primarily on the regulatory filing and should be read with that limitation in mind.
Key Facts at a Glance
- Company: Columbia Bank
- Industry: Financial Services
- Location: Tacoma, Washington
- Reported incident type: Hacking/IT Incident
- Information that may have been involved: Name, Social Security number, driver’s license number, and financial account number
- Reported incident dates: October 2, 2025 and December 22, 2025, according to the filing
- Public listing date: April 17, 2026 on the California Attorney General portal
- Affected population: Not publicly stated in the materials reviewed
- Notice date: Not publicly stated in the materials reviewed
What Happened?
According to a California Attorney General filing, Columbia Bank reported a hacking/IT incident. The public listing reviewed here includes two incident dates, October 2, 2025 and December 22, 2025, and shows the matter was posted on the California portal on April 17, 2026.
Detailed information from the official notice is not publicly accessible at this time in the materials reviewed here. As a result, important facts such as when the activity was discovered, how the incident occurred, whether unauthorized access was confirmed for particular individuals, and how many people may have been affected remain unclear from the available public record.
What Information Was Exposed?
The filing indicates that personal information may have included names, Social Security numbers, driver’s license numbers, and financial account numbers. Those are sensitive data elements because they can be used in identity theft, account fraud, or impersonation attempts.
At the same time, the publicly available materials reviewed here do not explain whether every potentially affected person had all of these data elements involved. If you received a notice directly, the letter you received may provide the most specific description of what information was tied to your situation.
What Should You Do Next?
- Read any notice you received carefully. If Columbia Bank sent you a letter or email, review it closely for the date range, the information involved, and whether any support services were offered.
- Monitor your financial accounts. Check bank, credit card, and other account activity for transactions you do not recognize, and report suspicious activity right away.
- Review your credit reports. You can obtain free credit reports and look for unfamiliar accounts, address changes, or inquiries you did not authorize.
- Consider a fraud alert or security freeze. If Social Security numbers or driver’s license information may have been involved, these tools can help reduce the risk of new-account fraud.
- Strengthen your account security. Update passwords that may be reused, enable multi-factor authentication where available, and be cautious of follow-up phishing emails or calls referencing Columbia Bank.
- Keep records and ask questions. Save any notice, screenshots, statements, and out-of-pocket expenses connected to the incident. If you want to understand your legal options, you can contact Strauss Borrelli PLLC using the form provided on this page.
Your Legal Rights
If a reported data incident put sensitive personal information at risk, affected individuals may have legal rights depending on the facts, the type of information involved, and the laws that apply. In some situations, consumers may be entitled to clearer notice, reimbursement for certain losses, or other remedies if they suffered harm related to the incident.
You may also have the right to ask questions about what happened, what information was involved, and what remediation steps were offered. If you spent time addressing fraud concerns or experienced unreimbursed losses, it is wise to keep documentation. A lawyer can evaluate whether a class action or another claim may be appropriate based on the available evidence.
Why Hire Strauss Borrelli PLLC?
Strauss Borrelli PLLC represents consumers in data breach and privacy matters and understands how to investigate reported cybersecurity incidents, analyze notice language, and assess potential claims. Our team focuses on clear communication, practical next steps, and holding companies accountable when the facts support legal action.
If you received a notice connected to this reported Columbia Bank incident or believe your information may have been involved, Strauss Borrelli PLLC can review the situation with you. You can use the form on this page to reach out and learn whether you may qualify to pursue a claim.
Find out if you qualify for compensation
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
Frequently Asked Questions
Did Columbia Bank report a data incident?
Yes. According to a California Attorney General filing, Columbia Bank reported a hacking/IT incident. The public materials reviewed here do not provide all details from the underlying notice.
What information may have been involved in the Columbia Bank incident?
The filing indicates the incident may have involved names, Social Security numbers, driver’s license numbers, and financial account numbers. The public record reviewed here does not say whether every affected person had all of those data elements involved.
What should I do if I received a notice from Columbia Bank?
If you received a notice, read it carefully, monitor your accounts, review your credit reports, and consider a fraud alert or security freeze if sensitive identifiers were involved. Keep copies of the notice and any related expenses or suspicious activity.
How many people were affected by the Columbia Bank incident?
The affected population was not publicly stated in the materials reviewed here. That means the current public filing does not clearly say how many individuals may have been impacted.
Can I take legal action over the Columbia Bank data incident?
Possibly. Legal options depend on the facts, the information involved, and whether you experienced harm or time loss connected to the incident. A law firm can review your situation and explain whether a claim may be available.
