MWB
Company Details
Linkedin ID:
mountain-west-bank
Website:
Employees number:
513
Number of followers:
2,991
NAICS:
52
Industry Type:
Homepage:
mountainwestbank.com
IP Addresses:
0
Company ID:
MOU_3376028
Scan Status:
In-progress
Mountain West Bank Company CyberSecurity Posture
mountainwestbank.com
In 1993 the doors of what would become Mountain West Bank officially opened at the corner of Government Way and Ironwood Drive in Coeur d’Alene, Idaho. Today, the bank that originally operated from inside a trailer now serves several communities throughout the state of Idaho. Since its founding days, Mountain West Bank has been dedicated to the mission of providing customers with Legendary Customer Service. We offer customers a full complement of consumer and business products including checking and savings accounts, Certificates of Deposit, IRAs and Money Market Accounts. Our lending services include residential, construction, commercial and consumer products. We also offer credit and debit cards, online banking products, the uniquely popular Totally Free personal and business checking and services, including online banking, online bill pay, mobile banking with deposit, and treasury management services for businesses. Other business products include Positive Pay and Merchant Bankcard services. Mountain West Bank, A Division of Glacier Bank, takes pride in supporting the communities and people in which we serve. Equal Housing Lender. Member FDIC.
Mountain West Bank A.I CyberSecurity Scoring
MWB Risk Score (AI oriented)Between 650 and 699
MWB
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
MWB Global Score (TPRM)XXXX
MWB
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
MWB Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
Mountain West: Mountain West Commercial Data Breach Investigation
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Mountain West Data Breach Exposes Sensitive Personal Information Mountain West recently disclosed a potential data breach to the Massachusetts Attorney General’s office, revealing that sensitive personal identifiable information (PII) may have been compromised. While the company has not provided details on the nature of the security incident, the exposed data includes names and Social Security numbers, though the exact information affected varies by individual. On December 18, 2025, Mountain West began notifying impacted individuals via mail, outlining the specific types of compromised data. As part of its response, the company is offering affected parties 24 months of complimentary credit monitoring services. The breach notification filed with Massachusetts authorities is available for review.
Glacier Bank
Vulnerability
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On August 14, 2023, Glacier Bank reported a data breach involving a business partner, Darling Consulting Group, due to a vulnerability in Progress Software's MOVEit secure file transfer tool, which occurred on May 31, 2023. The breach potentially exposed personal information including names, Social Security numbers, account numbers, and account balances, although there is no evidence that this information has been misused.
MWB Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for MWB
Incidents vs Financial Services Industry Average (This Year)
No incidents recorded for Mountain West Bank in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Mountain West Bank in 2026.
Incident Types MWB vs Financial Services Industry Avg (This Year)
No incidents recorded for Mountain West Bank in 2026.
Incident History — MWB (X = Date, Y = Severity)
MWB cyber incidents detection timeline including parent company and subsidiaries
MWB Company Subsidiaries
In 1993 the doors of what would become Mountain West Bank officially opened at the corner of Government Way and Ironwood Drive in Coeur d’Alene, Idaho. Today, the bank that originally operated from inside a trailer now serves several communities throughout the state of Idaho. Since its founding days, Mountain West Bank has been dedicated to the mission of providing customers with Legendary Customer Service. We offer customers a full complement of consumer and business products including checking and savings accounts, Certificates of Deposit, IRAs and Money Market Accounts. Our lending services include residential, construction, commercial and consumer products. We also offer credit and debit cards, online banking products, the uniquely popular Totally Free personal and business checking and services, including online banking, online bill pay, mobile banking with deposit, and treasury management services for businesses. Other business products include Positive Pay and Merchant Bankcard services. Mountain West Bank, A Division of Glacier Bank, takes pride in supporting the communities and people in which we serve. Equal Housing Lender. Member FDIC.
Loading...
MWB Similar Companies
NN Group
NN Group is an international financial services company, active in 10 countries, with a strong presence in a number of European countries and Japan. We are rooted in the Netherlands and have a rich history spanning 180 years. With our 16,000 colleagues, NN Group provides retirement services, pensio
Mizuho
This is not your typical financial institution. It’s our people who make us a cut above. Here, every person is respected because of their differences, not in spite of them. We pride ourselves on a culture of purpose, passion and compassion. At Mizuho, we provide the stability of an international in
Pru Life UK
With 29 years of operations in the Philippines, we have the largest agency force of more than 39,000 licensed financial advisers ready to listen, understand and deliver. We are an innovative force in the life insurance industry who pioneered investment-linked or unit-linked insurance in the Philippi
Lars Larsen Group
Lars Larsen Group is owned by the Brunsborg family, descendants of JYSK founder Lars Larsen. The Group owns companies within a number of business areas including furniture, interior design, restaurants and hotels, and is also an active investor in equities, funds, and real estate. The Group is to t
Equifax
At Equifax (NYSE: EFX), we believe knowledge drives progress. As a global data, analytics, and technology company, we play an essential role in the global economy by helping financial institutions, companies, employers, and government agencies make critical decisions with greater confidence. Our uni
Old Mutual Limited is a listed company on the Johannesburg Stock Exchange and has secondary listings on the London, Malawi, Namibia and Zimbabwe stock exchanges. As a Pan-African financial services company, we are focused on Africa, her needs and her people. Together with you, we have educated our
This is the official Company Page of Ping An Insurance (Group) Company of China, Ltd. (HKEx: 2318; SSE: 601318; ADR: PNGAY). Ping An strives to become a world leading technology-powered financial services group. We believe the way people receive financial services and healthcare in the future wil
Sanlam
We’ve finally given a name to that special something a person exudes when they have a plan for their finances. It’s called The F Factor – and now that you know its name, it’s time you feel it too. Let's unlock your financial confidence, together. Our team is online weekdays 8:30 – 16:00
KKR
KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in i
.png)
MWB CyberSecurity News
August 17, 2017 01:53 PM
Heartland Data Breach Update: Thousands of Institutions Impacted
Thousands of banking institutions have felt the effects of the Heartland Payment Systems data breach, and this list (below) represents just the small...
July 25, 2016 07:00 AM
Mountain West Bank and customers donate funds to local humane societies and shelters
Karen Zimmerschied (far right) and Enrique Rivera (far left) of Mountain West Bank present a check to Pet Haven's Director Nancy Smith and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
MWB CyberSecurity History Information
Official Website of Mountain West Bank
The official website of Mountain West Bank is https://www.mountainwestbank.com.
Mountain West Bank’s AI-Generated Cybersecurity Score
According to Rankiteo, Mountain West Bank’s AI-generated cybersecurity score is 688, reflecting their Weak security posture.
How many security badges does Mountain West Bank’ have ?
According to Rankiteo, Mountain West Bank currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Mountain West Bank been affected by any supply chain cyber incidents ?
According to Rankiteo, Mountain West Bank has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Mountain West Bank have SOC 2 Type 1 certification ?
According to Rankiteo, Mountain West Bank is not certified under SOC 2 Type 1.
Does Mountain West Bank have SOC 2 Type 2 certification ?
According to Rankiteo, Mountain West Bank does not hold a SOC 2 Type 2 certification.
Does Mountain West Bank comply with GDPR ?
According to Rankiteo, Mountain West Bank is not listed as GDPR compliant.
Does Mountain West Bank have PCI DSS certification ?
According to Rankiteo, Mountain West Bank does not currently maintain PCI DSS compliance.
Does Mountain West Bank comply with HIPAA ?
According to Rankiteo, Mountain West Bank is not compliant with HIPAA regulations.
Does Mountain West Bank have ISO 27001 certification ?
According to Rankiteo,Mountain West Bank is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Mountain West Bank
Mountain West Bank operates primarily in the Financial Services industry.
Number of Employees at Mountain West Bank
Mountain West Bank employs approximately 513 people worldwide.
Subsidiaries Owned by Mountain West Bank
Mountain West Bank presently has no subsidiaries across any sectors.
Mountain West Bank’s LinkedIn Followers
Mountain West Bank’s official LinkedIn profile has approximately 2,991 followers.
NAICS Classification of Mountain West Bank
Mountain West Bank is classified under the NAICS code 52, which corresponds to Finance and Insurance.
Mountain West Bank’s Presence on Crunchbase
No, Mountain West Bank does not have a profile on Crunchbase.
Mountain West Bank’s Presence on LinkedIn
Yes, Mountain West Bank maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mountain-west-bank.
Cybersecurity Incidents Involving Mountain West Bank
As of January 24, 2026, Rankiteo reports that Mountain West Bank has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Mountain West Bank has an estimated 30,839 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Mountain West Bank ?
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability and Breach.
How does Mountain West Bank detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with data breach notification letters mailed to impacted individuals..
Incident Details
Can you provide details on each incident ?
Title: Glacier Bank Data Breach
Description: A data breach involving a business partner, Darling Consulting Group, due to a vulnerability in Progress Software's MOVEit secure file transfer tool.
Date Detected: 2023-08-14
Type: Data Breach
Attack Vector: Vulnerability Exploitation
Vulnerability Exploited: Progress Software's MOVEit secure file transfer tool
Title: Mountain West Data Breach
Description: Mountain West reported that sensitive personal identifiable information in its care may have been compromised. The breach notice does not elaborate on the nature of the security incident, but the type of information potentially exposed includes names and Social Security numbers.
Date Publicly Disclosed: 2025-12-18
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach GLA655080425
Data Compromised: Names, Social security numbers, Account numbers, Account balances
Incident : Data Breach MOU1766434320
Data Compromised: Sensitive personal identifiable information
Identity Theft Risk: High
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Financial Information, , Name, Social Security Number and .
Which entities were affected by each incident ?
Incident : Data Breach GLA655080425
Entity Name: Glacier Bank
Entity Type: Financial Institution
Industry: Banking
Incident : Data Breach GLA655080425
Entity Name: Darling Consulting Group
Entity Type: Business Partner
Incident : Data Breach MOU1766434320
Entity Name: Mountain West
Entity Type: Organization
Customers Affected: Unknown
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach MOU1766434320
Communication Strategy: Data breach notification letters mailed to impacted individuals
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach GLA655080425
Type of Data Compromised: Personal information, Financial information
Sensitivity of Data: High
Personally Identifiable Information: namesSocial Security numbers
Incident : Data Breach MOU1766434320
Type of Data Compromised: Name, Social security number
Sensitivity of Data: High
Personally Identifiable Information: Yes
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach MOU1766434320
Regulatory Notifications: Notified Attorney General of the Commonwealth of Massachusetts
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : Data Breach MOU1766434320
Recommendations: 24 months of complimentary credit monitoring services for affected individuals
What recommendations has the company implemented to improve cybersecurity ?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: 24 months of complimentary credit monitoring services for affected individuals.
References
Where can I find more information about each incident ?
Incident : Data Breach MOU1766434320
Source: Attorney General of the Commonwealth of Massachusetts
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Attorney General of the Commonwealth of Massachusetts.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Data breach notification letters mailed to impacted individuals.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach MOU1766434320
Customer Advisories: Data breach notification letters sent to impacted individuals with details of exposed information
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Data breach notification letters sent to impacted individuals with details of exposed information.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-08-14.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-12-18.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, Social Security numbers, account numbers, account balances, and Sensitive personal identifiable information.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were account numbers, names, Social Security numbers, Sensitive personal identifiable information and account balances.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was 24 months of complimentary credit monitoring services for affected individuals.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Attorney General of the Commonwealth of Massachusetts.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Data breach notification letters sent to impacted individuals with details of exposed information.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
Description
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
Description
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=mountain-west-bank' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
