River Financial Discloses Two More Class Actions Over Ransomware Incident, Total Now Four

RVRFlitigation

July 17, 2026

share

River Financial Corporation updated investors on July 17 regarding the ongoing fallout from the ransomware incident that struck its network in mid-June. The latest 8-K filing reveals that the number of class action lawsuits filed against the company has doubled since its last update a week ago.

When River Financial filed its amended disclosure on July 10, it reported two class action complaints. A third lawsuit was filed that same day, July 10, and a fourth followed on July 16. All four cases center on the same core question: whether the threat actor who accessed River's network environment also obtained customers' personally identifiable information.

The company has not yet confirmed whether any customer data was actually exfiltrated, though its July 10 filing did acknowledge that the attacker removed certain data from the network. River emphasized that the investigation remains active and that it has not determined the full nature, scope, or impact of the breach. The company also stated it has not yet concluded whether the incident is reasonably likely to materially affect its business or financial condition.

River Financial, the parent company of River Bank & Trust, first disclosed the cyberattack on June 19, reporting that ransomware had been deployed across parts of its server infrastructure. The company promptly took affected systems offline and engaged a third-party forensic firm to lead the investigation. Since then, the disclosure has evolved from an operational disruption into a mounting legal challenge, with four proposed class actions now pending.

The company reiterated its commitment to file an additional amendment to its 8-K within four business days after it determines any material findings regarding the scope of the incident, the status of customer data, or the likely financial impact. For now, investors are left with an incomplete picture: a confirmed ransomware attack, acknowledged data removal by an unauthorized actor, and a growing docket of litigation, all while the forensic investigation continues.

Original filing →

Record Alpha uses automated systems to identify and summarize public filings, court records, and regulatory actions as they become available. Every article links directly to the primary source document so readers can verify details firsthand. This content is for informational purposes only and is not investment, legal, or financial advice. Full disclaimer →

DisclaimerPrivacyTermsContact

© 2026 Record Alpha. All rights reserved.