Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
M&T Bank

M&T Bank Vendor Cyber Rating & Cyber Score

mtb.com

Great companies have an enduring sense of purpose. At M&T, our purpose is a simple one: make a difference in people’s lives and uplift the communities we serve. Founded in 1856 in Buffalo, NY we are now a top 11 full-service US-based commercial bank with a retail footprint across the east coast and wealth services available nationwide and abroad. As a bank, we offer advice, guidance, expertise, and solutions across the entire financial spectrum that combines M&T’s traditional banking services with the wealth management and institutional capabilities offered by Wilmington Trust. We are a community-minded organization with more than 167 years of experience. We serve customers, community, and colleagues whether they be across the street,


M&T Bank A.I CyberSecurity Scoring

M&T Bank
Company Information
Website:http://www.mtb.com
Employees number:30,274
Number of followers:155,602
NAICS:52
Industry Type:Financial Services
Homepage:mtb.com
M&T Bank Risk Score (AI oriented)
Between 650 and 699
logo
M&T BankFinancial Services
Updated:
22/04/2026
669/1000
Weak
B
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
M&T Bank Global Score (TPRM)
xxxx
logo
M&T BankFinancial Services
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

M&T Bank
M&T BankWeak
Current Score
669B (WEAK)
01000
2 incidents
-61.5 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
674Before Incident
JUNE 2026
673Before Incident
MAY 2026
670Before Incident
APRIL 2026
784Before Incident
Breach
17 Apr 2026M&T Bank
M&T Bank and Third-party service provider: M&T Bank Data Breach Lawsuit Investigation

M&T Bank Data Breach Exposes Sensitive Customer Information via Third-Party Provider

720After Incident
CRITICAL-64
M&TTHI1776869694
M&T Bank Data Breach Exposes Sensitive Customer Information via Third-Party Provider In August 2025, M&T Bank a major financial institution headquartered in Buffalo, New York, with over 960 branches across 12 states discovered a data breach stemming from a security incident at one of its third-party service providers. While the bank’s own systems remained unaffected, unauthorized access to files containing customer data occurred within the vendor’s environment. The breach, disclosed to the Massachusetts Attorney General on April 17, 2026, exposed sensitive personally identifiable information (PII) of M&T Bank customers, including names, Social Security numbers, driver’s licenses, credit/debit card numbers, and financial account details. In Massachusetts alone, 462 individuals were confirmed as impacted. Class action law firm Shamis & Gentile P.A. is currently investigating the incident, assessing potential claims for affected customers who may be eligible for compensation. The breach highlights ongoing risks associated with third-party vendor security in the financial sector.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personally Identifiable Information (PII), Social Security numbers, driver’s licenses, credit/debit card numbers, financial account detailsSystems Affected: Third-party service provider’s environmentBrand Reputation Impact: Potential reputational damage due to third-party breachLegal Liabilities: Potential class action investigationIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Type Of Data Compromised: Personally Identifiable Information (PII), Social Security numbers, driver’s licenses, credit/debit card numbers, financial account detailsNumber Of Records Exposed: At least 462 (Massachusetts only)Sensitivity Of Data: HighPersonally Identifiable Information: Names, Social Security numbers, driver’s licenses, credit/debit card numbers, financial account details
MARCH 2026
784Before Incident
FEBRUARY 2026
784Before Incident
JANUARY 2026
784Before Incident
DECEMBER 2025
784Before Incident
NOVEMBER 2025
784Before Incident
OCTOBER 2025
784Before Incident
SEPTEMBER 2025
784Before Incident
AUGUST 2025
784Before Incident
Breach
01 Aug 2025M&T Bank
M&T Bank and Gelinas & Ward LLP: M&T Bank Data Breach: Sensitive Personal Information Exposed

M&T Bank Third-Party Data Breach Affecting Customer Information

725After Incident
CRITICAL-59
M&TLAW1776869766
M&T Bank Discloses Third-Party Data Breach Affecting Customer Information M&T Bank, a regional financial institution serving over 3.6 million customers across 12 states and Washington, D.C., recently revealed a data breach stemming from a security incident at third-party law firm Gelinas & Ward LLP. The breach, which occurred in August 2025, exposed sensitive customer data, including Social Security numbers, financial account details, credit/debit card numbers, and driver’s license numbers. The bank confirmed that the breach originated entirely within the law firm’s systems, with no compromise of M&T Bank’s internal infrastructure. Upon discovering the incident, M&T Bank launched a review in collaboration with Gelinas & Ward to assess the scope and determine the affected data. While 462 Massachusetts residents were initially identified as impacted prompting a report to the Massachusetts Office of Consumer Affairs and Business Regulation the total number of affected individuals nationwide remains undisclosed. Notification letters were sent to impacted customers on April 17, 2026. In response, M&T Bank is offering 24 months of complimentary credit monitoring through Equifax Complete Premier, including three-bureau monitoring, identity theft insurance, and fraud detection tools. Affected customers can enroll using a unique activation code provided in their notification letter, valid for 90 days. Gelinas & Ward is separately providing TransUnion-based credit monitoring and identity restoration services to those affected. For inquiries, M&T Bank has established a dedicated helpline (1-800-724-2440), while Gelinas & Ward can be contacted by mail at 106 Merriam Ave., Leominster, MA 01453.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Social Security numbers, financial account details, credit/debit card numbers, driver’s license numbersSystems Affected: Gelinas & Ward LLP systemsIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Social Security numbersFinancial account detailsCredit/debit card numbersDriver’s license numbersSensitivity Of Data: HighPersonally Identifiable Information: Yes

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for M&T Bank ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in June 2026 ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in May 2026 ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in April 2026 ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in March 2026 ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in February 2026 ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in January 2026 ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in December 2025 ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in November 2025 ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in October 2025 ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in September 2025 ?
?
What was M&T Bank's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on M&T Bank's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with M&T Bank ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view M&T Bank's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?
M&T Bank Cyber Scoring History | Rankiteo