Class Action U Logo
Check Your Eligibility

First Mid Bank & Trust Data Breach

HC3 reported a data security incident on November 11, 2025, involving a printing error that may have exposed bank statement pages, transaction data, and account numbers for First Mid Bank customers. While no hacking occurred, affected individuals are encouraged to monitor their accounts and explore legal options with Class Action U.

First Mid Bank & Trust
Date of Breach: November 11, 2025
CAU logo

Who was affected:

Clients of First Mid Bank & Trust

Impacted Data:

Bank statement pages

Transaction activity

Check images

Full bank account number (on check images)

Last four digits of bank account number

Check Your Eligibility

HC3 has disclosed a data security incident involving a production error that may have caused certain First Mid Bank & Trust customer account information to be included in another customer’s printed bank statement. While no hacking occurred, sensitive financial information may have been exposed.

First Mid Bank & Trust Data Breach Investigation

HC3, a vendor that provides printing services for account statements and notices on behalf of First Mid Bank & Trust, NA (“First Mid”), recently reported a data security incident stemming from a production error. According to the notice, HC3 discovered the issue on November 11, 2025, after learning that an internal printing error may have caused pages from one customer’s bank statement to be inserted into another customer’s mailed statement.

Importantly, HC3 stated that this incident did not involve unauthorized access to its computer network or First Mid’s internal systems. Instead, the issue arose during the statement production process. Once the error was identified, HC3 immediately initiated a comprehensive internal review to determine which statements may have been affected and what information was involved.

The review determined that certain pages of bank statements, including transaction details or check images, may have been misdirected. While HC3 has indicated that it currently has no evidence of misuse, the exposure of financial information—especially account numbers—creates a meaningful risk of fraud or identity theft.

As a response, HC3 remailed corrected statements to affected customers and implemented corrective measures within its production processes to reduce the likelihood of a similar incident occurring in the future. The company expressed regret for the incident and emphasized its commitment to safeguarding customer information.

Even incidents caused by internal errors rather than hacking can have serious consequences for consumers. At Class Action U, we believe companies entrusted with sensitive financial data must be held accountable when lapses in safeguards expose consumers to unnecessary risk.

When Did This Breach Occur?

  • Date Discovered: November 11, 2025

  • Incident Type: Production error involving printed bank statements

What Information Was Breached?

Based on HC3’s review, the information that may have been exposed includes:

  • Bank statement pages

  • Transaction activity

  • Check images

  • Full bank account number (on check images)

  • Last four digits of bank account number

What You Can Do

If you received a notification about this incident, there are steps you should consider taking to protect yourself:

  • Enroll in Complimentary Identity Monitoring: HC3 is offering 24 months of free identity monitoring services through Kroll.

  • Review Bank Statements Carefully: Look for unauthorized or unfamiliar transactions.

  • Monitor Your Credit Reports: Check for suspicious activity or new accounts you don’t recognize.

  • Act Quickly if You Spot Fraud: Notify First Mid Bank & Trust or your financial institution immediately if you notice suspicious activity.

  • Remain Vigilant: Identity theft can occur months after exposure, so continued monitoring is important.

If you are unsure whether your information was involved or want to understand your legal rights, Class Action U can help guide you through your options.

File a Data Breach Lawsuit Against First Mid Bank & Trust

Even though this incident did not involve hacking, the exposure of sensitive financial information due to a production error can still place consumers at risk of fraud and identity theft. Companies that handle and distribute financial data have a responsibility to implement safeguards that prevent this type of disclosure.

If your account information was exposed in the HC3 incident, you may be eligible to pursue compensation through a data breach lawsuit. Class action lawsuits allow individuals affected by the same incident to come together to seek accountability and financial recovery.

Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.

VIEW PDF
Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
Posillico Data Breach
Date of Breach: December 8, 2025
H&H Color Lab Data Breach
Date of Breach: July 31, 2025
Jeffrey W. Krol and Associates Data Breach
Date of Breach: November 22, 2025
Show More

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.