The login details of 8378 Suffolk County National Bank (SCNB) customers have been stolen after a hacker gained access to the computer server hosting its online banking system.
The New York state community bank says the intrusion occurred over six days between 18 and 23 November, affecting around 10% of its customers.
It was discovered during an internal security review on 24 December, prompting the bank to rebuild the compromised server and take "other measures to ensure the security of data".
SNCB insists no evidence has been found of unauthorised access to online customer accounts and it has not received reports of unusual activity.
Authorities and customers have been notified and the bank has booked a provision of approximately $351,000, net of taxes, in the fourth quarter for possible related expenses.
J Gordon Huszagh, CEO, SCNB, says: "We understand that this kind of incident is a source of concern: both to our customers, even if their personal information is not misused; and to our shareholders for the expense incurred in response. We have responded to this incident as promptly, diligently and forthrightly as we know how, and will continue to do so until it is fully resolved."