M&T Bank's branch in Boston's Seaport District. Banker & Tradesman file photo

A global data breach on Tuesday tied to a piece of third-party software has potentially exposed the personal information of over 95,000 Massachusetts residents, M&T Bank told state officials.

M&T filed a letter with Massachusetts Attorney General Andrea Campbell’s office stating that customer information such as names, addresses and M&T account numbers may be exposed. The breach occurred on a third-party platform that uses the file transfer software MOVEit.

MOVEit is a software owned by Burlington-based Progress Software and used by government agencies, major financial firms and thousands of other organizations. Other organizations that use the MOVEit software, such as UMass Chan Medical School, have also had customer information be potentially compromised.

“M&T’s internal systems were not compromised, and they continue to remain secure. Our investigation determined that limited customer information held by certain third-party service providers was compromised. Specifically, name, address, and M&T account number(s) have been exposed as part of this incident. No PINs or passwords were exposed. This information did not include sensitive data such as social security numbers, date of birth, or debit/credit card numbers. We are now directly informing any customers who may have been affected,” Frank Lentini, M&T Bank senior communications director, said in an email.

The bank said once they learned of the incident, it immediately installed required security patches and began an investigation to understand the potential exposure of customer data.