The bank sent an e-mail to notify certain customers that its on-line banking system would be out of service for maintenance on Saturday. It appears that an employee mistakenly included the e-mail addresses of over 3,300 customers in the "To" field of the e-mail, instead of placing them in the blind carbon copy (BCC) field.
Putting addresses in the BCC field is a simple means of hiding the intended recipients of an e-mail.
The bank e-mailed the affected customers on Tuesday to apologise for the error, claiming that "necessary procedures" were put in place to prevent similar incidents from happening again and that the customers' financial information was protected anyway. However, some customers said they were "outraged" and wanted to close their accounts, according to the Mercury News.
The Bank of the West is not the first major company to make this type of mistake. Last year, pharmaceutical giant Eli Lilly mistakenly revealed the e-mail addresses of 699 people taking the anti-depressant drug Prozac.
This happened when a message addressed to subscribers of the Prozac.com web site's "Medi Messenger" service included the e-mail addresses of all the recipients in the "To" field instead of the BCC field.
Following an investigation into the privacy breach, the US Federal Trade Commission (FTC) fined the company $160,000 earlier this year. Eli Lilly was also ordered to strengthen its internal security standards and will have its marketing practices checked by the FTC for the next 20 years.