A regional bank in the US said it was able to deflect most of a hacking attempt on its database, but not before some customer information was divulged.
Commerce Bank, which operates banks in five U.S. states, said that a hacker gained access to a database with about 3,000 customer records and accessed data belonging to 20 of them. The bank is contacting those who may have been affected.
The hacking was quickly detected and stopped, according to Commerce Bank, which then notified law enforcement.
It wasn't clear how the hacker accessed the bank's database. A common method is by passing malicious data through Web-based forms, known as a SQL (Structure Query Language) injection, which can force the database to reveal other information it holds.
Hackers often look for vulnerabilities in bank and e-commerce Web sites that will allow them to tap into their back-end databases.
Commerce Bank is a subsidiary of Commerce Bancshares, a regional bank holding company.