Truist Bank (6th-largest US bank) confirmed an October 2023 breach after threat actor ‘Sp1d3r’ listed the stolen data for sale on a dark web forum on 12 June 2024 for $1 million. Data included personal/professional info of approximately 65,000 employees, customer bank transaction details (names, account numbers, balances), and the source code for Truist’s IVR (Interactive Voice Response) funds transfer system. Truist said the breach was contained, with no evidence of misuse. Not linked to Snowflake. The same actor ‘Sp1d3r’ also claimed and sold data from Cylance/BlackBerry.