In March 2020, First Republic Bank (a US private bank and wealth management company) disclosed that an insider threat incident had occurred. A bank employee with legitimate access to AWS cloud systems used those credentials to exfiltrate customer data over a brief window on March 11-12, 2020. The data exfiltrated included customer names, addresses, and account information. First Republic Bank promptly identified the unauthorized access, terminated the employee’s access, and notified affected customers and regulators. The incident occurred around the same time as the COVID-19 lockdown began, which likely affected the bank’s ability to monitor for insider threats.