One reason why I use lesser banks (community level, not nation/international). Still a target, just not as large!

106 millions , ... small player ...

Yawn! Is this even news? I think it was determined in another thread that the current price of a data breach $3.95 per user (per CA/FB case). The equivalent of a single transaction fee in most bank accounts.

Price for who?

Never downplay a data breach, might be your personal financial future at stake next!

Worse, if YOUR site is the one hacked (and all that PII you've saved/relied upon) is in play ... that "$3.95" times ALL THAT WAS LOST could put one out of business!

Few of us are big enough to think this is a gnat's bite.

Someone that boasted about the breach was arrested this week.

That's an understatement. A full swat response with military camo wearing people took his house by force. The video went viral.

It's 2019. This isn't the first mega breach and it won't be the last. Go back to EVERY account you have and if you don't NEED it, delete it. If you DO need it, strip it of any and all data that it doesn't absolutely require. Change passwords so no two have the same pass. I recommend you also change the email address of each though some argue not to do that every time I mention it. john.smith9999, johnsmith9998, johnsmith9997 etc with all being a catchall to your main. Use a variant of your name too so if someone contacts you to an email they use the variant they found in your account.

- John Smith
- Johnny Smith
- John Smithy
- J.Smith
- Mr Smithson

whatever name they use will tell you a bit about where that spam email you got came from. The bank knows your real name, they don't care if you use something different for online access. Make sure the variant email matches the variant name etc. You too can do stuff like this to gain insight on the person contacting you.