SouthState Corp - (SSB)

Date
Filing
8-K/A Filing Date: March 29, 2024
Item 1.05 ​ ​ Material Cybersecurity Incidents. ​ As disclosed in the Original Report, on February 6, 2024, SouthState Bank, N.A. detected what was determined to be a cybersecurity incident. Upon detection, SouthState initiated its incident response and business continuity protocols and began taking measures to disrupt the unauthorized activity. In addition, SouthState has been conducting an investigation. A cybersecurity firm was engaged to assist. SouthState also notified banking regulators and law enforcement. As a result of these and other measures, SouthState has contained the impact of the cybersecurity incident. ​ Based on the investigation and findings, SouthState will mail notification letters to individuals whose personal information may have been involved. ​ While the cybersecurity incident had a significant impact on certain of SouthState’s business processes, as of the date of this filing, it has not had a material impact on SouthState’s overall financial condition or results of operations, and SouthState has determined that the incident is not reasonably likely to have a material impact on its financial conditions or results of operations. Forward Looking Statements ​ This Amendment contains “forward-looking statements” within the meaning of the federal securities laws. Forward-looking statements are based on, among other things, management’s beliefs, assumptions, current expectations, estimates and projections about the financial services industry, the economy and SouthState. Words and phrases such as “may,” “approximately,” “continue,” “should,” “expects,” “projects,” “anticipates,” “is likely,” “look ahead,” “look forward,” “believes,” “will,” “intends,” “estimates,” “strategy,” “plan,” “could,” “potential,” “possible” and variations of such words and similar expressions are intended to identify such forward-looking statements. ​ SouthState cautions readers that forward-looking statements are subject to certain risks, uncertainties and assumptions that are difficult to predict with regard to, among other things, timing, extent, likelihood and degree of occurrence, which could cause actual results to differ materially from anticipated results. Such risks, uncertainties and assumptions, include, among others, SouthState’s ongoing assessment of the impacts of the cybersecurity incident, the impact of the cybersecurity incident on SouthState’s customers, business, operations and financial results, and other factors that may affect future results of SouthState, as disclosed in SouthState’s Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, and Current Reports on Form 8-K, filed by SouthState with the U.S. Securities and Exchange Commission (“SEC”) and available on the SEC’s website at http://www.sec.gov, any of which could cause actual results to differ materially from future results expressed, implied or otherwise anticipated by such forward-looking statements. ​ All forward-looking statements speak only as of the date they are made and are based on information available at that time. SouthState does not undertake any obligation to update or otherwise revise any forward-looking statements, whether as a result of new information, future events, or otherwise, except as required by federal securities laws. As forward-looking statements involve significant risks and uncertainties, caution should be exercised against placing undue reliance on such statements. ​ ​ ​ ​ ​ ​
8-K Filing Date: February 09, 2024
Item 1.05. Material Cybersecurity Incidents.

 

SouthState Bank, N.A., (the "Company") detected what was determined to be a cybersecurity incident on February 6, 2024. Upon detection, the Company initiated its incident response and business continuity protocols and began taking measures to disrupt the unauthorized activity. As part of its process to address the incident, the Company proactively took measures to isolate parts of its network, which resulted in some disruption to the Company's business processes. The Company's operations have continued throughout this process in all material respects. The Company is conducting a thorough investigation and a cybersecurity firm has been engaged. Banking regulators and law enforcement have been notified.

 

While the investigation is ongoing, as of the date of this filing, the incident has not had a material impact on the Company's operations, and the Company has not determined the incident is reasonably likely to materially impact the Company's financial conditions or results of operations.

 

Cautionary Statement Regarding Forward Looking Statements

 

Statements included in this communication, which are not historical in nature are intended to be, and are hereby identified as, forward-looking statements for purposes of the safe harbor provided by Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Forward-looking statements are based on, among other things, management’s beliefs, assumptions, current expectations, estimates and projections about the financial services industry, the economy and SouthState. Words and phrases such as “may,” “approximately,” “continue,” “should,” “expects,” “projects,” “anticipates,” “is likely,” “look ahead,” “look forward,” “believes,” “will,” “intends,” “estimates,” “strategy,” “plan,” “could,” “potential,” “possible” and variations of such words and similar expressions are intended to identify such forward-looking statements.

 

SouthState cautions readers that forward-looking statements are subject to certain risks, uncertainties and assumptions that are difficult to predict with regard to, among other things, timing, extent, likelihood and degree of occurrence, which could cause actual results to differ materially from anticipated results. Such risks, uncertainties and assumptions, include, among others, the following: (1) economic downturn risk, potentially resulting in deterioration in the credit markets, inflation, greater than expected noninterest expenses, excessive loan losses and other negative consequences, which risks could be exacerbated by potential negative economic developments resulting from federal spending cuts and/or one or more federal budget-related impasses or actions; (2) interest rate risk primarily resulting from the interest rate environment, the number and pace of interest rate increases, and their impact on the Bank’s earnings, including from the correspondent and mortgage divisions, housing demand, the market value of the Bank’s loan and securities portfolios, and the market value of SouthState’s equity; (3) volatility in the financial services industry (including failures or rumors of failures of other depository institutions), along with actions taken by governmental agencies to address such turmoil, could affect the ability of depository institutions, including us, to attract and retain depositors and to borrow or raise capital; (4) the impact of increasing digitization of the banking industry and movement of customers to on-line platforms, and the possible impact on the Bank’s results of operations, customer base, expenses, suppliers and operations; (5) controls and procedures risk, including the potential failure or circumvention of our controls and procedures or failure to comply with regulations related to controls and procedures; (6) potential deterioration in real estate values; (7) the impact of competition with other financial institutions, including deposit and loan pricing pressures and the resulting impact, including as a result of compression to net interest margin; (8) risks relating to the ability to retain our culture and attract and retain qualified people, which could be exacerbated by the continuing work from remote environment; (9) credit risks associated with an obligor’s failure to meet the terms of any contract with the Bank or otherwise fail to perform as agreed under the terms of any loan-related document; (10) risks related to the ability of the Company to pursue its strategic plans which depend upon certain growth goals in our lines of business; (11) liquidity risk affecting the Bank’s ability to meet its obligations when they come due; (12) risks associated with an anticipated increase in SouthState’s investment securities portfolio, including risks associated with acquiring and holding investment securities or potentially determining that the amount of investment securities SouthState desires to acquire are not available on terms acceptable to SouthState; (13) unexpected outflows of uninsured deposits may require us to sell investment securities at a loss; (14) the loss of value of our investment portfolio could negatively impact market perceptions of us and could lead to deposit withdrawals; (15) price risk focusing on changes in market factors that may affect the value of traded instruments in “mark-to-market” portfolios; (16) transaction risk arising from problems with service or product delivery; (17) compliance risk involving risk to earnings or capital resulting from violations of or nonconformance with laws, rules, regulations, prescribed practices, or ethical standards; (18) regulatory change risk resulting from new laws, rules, regulations, accounting principles, proscribed practices or ethical standards, including, without limitation, the possibility that regulatory agencies may require higher levels of capital above the current regulatory-mandated minimums and including the impact of special FDIC assessments, the Consumer Financial Protection Bureau regulations or other guidance, and the possibility of changes in accounting standards, policies, principles and practices; (19) strategic risk resulting from adverse business decisions or improper implementation of business decisions; (20) reputation risk that adversely affects earnings or capital arising from negative public opinion including the effects of social media on market perceptions of us and banks generally; (21) cybersecurity risk related to the dependence of SouthState on internal computer systems and the technology of outside service providers, as well as the potential impacts of internal or external security breaches, which may subject the Company to potential business disruptions or financial losses resulting from deliberate attacks or unintentional events; (22) reputational and operational risks associated with environment, social and governance (ESG) matters, including the impact of recently passed state legislation and proposed federal and state regulatory guidance and regulation relating to climate change; (23) greater than expected noninterest expenses; (24) excessive loan losses; (25) reputational risk and possible higher than estimated reduced revenue from previously announced changes in the Bank’s consumer overdraft programs and other deposit products; (26) the risks of fluctuations in market prices for SouthState common stock that may or may not reflect economic condition or performance of SouthState; (27) the payment of dividends on SouthState common stock, which is subject to legal and regulatory limitations as well as the discretion of the board of directors of SouthState, SouthState’s performance and other factors; (28) ownership dilution risk associated with potential acquisitions in which SouthState’s stock may be issued as consideration for an acquired company; (29) operational, technological, cultural, regulatory, legal, credit and other risks associated with the exploration, consummation and integration of potential future acquisitions, whether involving stock or cash consideration; (30) catastrophic events such as hurricanes, tornados, earthquakes, floods or other natural or human disasters, including public health crises and infectious disease outbreaks, as well as any government actions in response to such events, and the related disruption to local, regional and global economic activity and financial markets, and the impact that any of the foregoing may have on SouthState and its customers and other constituencies; (31) geopolitical risk from terrorist activities and armed conflicts that may result in economic and supply disruptions, and loss of market and consumer confidence; and (32) other factors that may affect future results of SouthState, as disclosed in SouthState’s Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, and Current Reports on Form 8-K, filed by SouthState with the U.S. Securities and Exchange Commission (“SEC”) and available on the SEC’s website at http://www.sec.gov, any of which could cause actual results to differ materially from future results expressed, implied or otherwise anticipated by such forward-looking statements.

 

All forward-looking statements speak only as of the date they are made and are based on information available at that time. SouthState does not undertake any obligation to update or otherwise revise any forward-looking statements, whether as a result of new information, future events, or otherwise, except as required by federal securities laws. As forward-looking statements involve significant risks and uncertainties, caution should be exercised against placing undue reliance on such statements.