Item 8.01 Other events.

On April 12, 2023, Middlefield Banc Corp. (the "Company") learned of a cyber-attack that resulted in a disruption to the computer systems of The Middlefield Banking Company (the "Bank"), the Company's banking subsidiary. The Bank took immediate action to remediate the security vulnerability and retained a cybersecurity firm to investigate the nature and scope of the incident, evaluate systems and identify solutions, and confirm what data has been impacted by this event, if any. The Bank also notified law enforcement. The Bank's products and services are fully operational. The Bank has placed additional security measures in place and will continue to actively monitor any suspicious activity. The investigation is on-going at this time, including confirming what, if any, customer data has been impacted by this event.

We have incurred expenses to investigate and remediate the cyber-attack and expect to continue to incur expenses. The Bank has retained special legal counsel. Although cyber-attacks can be unpredictable, the Company does not currently expect this incident will have a material impact on its business operations or its financial results.

Forward-Looking Information

This Form 8-K contains certain statements that may be considered forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, including the Company's current expectations concerning the resolution of this cyber-attack and its impact on the Company's business, operations or financial results. Such forward-looking statements include, but are not limited to, statements as to future results of operations and financial projections, express or implied statements relating to the Company's expectations regarding its ability to contain and assess the cyber-attack and the impact of the cyber-attack on the Company's business, operations and financial condition. Factors that could cause actual results to differ materially from those expressed or implied include the following: the ongoing assessment of the cyber-attack; legal, reputational and financial risks resulting from the cyber-attack or additional cyber-attacks; and the other factors set forth in the Company's Annual Report on Form 10-K for the year ended December 31, 2022, and other public filings with the Securities and Exchange Commission. Forward-looking statements are based on currently available information and our current beliefs, expectations and understanding, which may change as our investigation and remediation efforts progress. Except as required by the federal securities laws, the Company undertakes no obligation to publicly update or revise any forward-looking statement, whether as a result of new information, future events or otherwise. Forward-looking statements speak only as of the date they are made, and we do not undertake to update these statements other than as required by law and specifically disclaim any duty to do so.

--------------------------------------------------------------------------------

© Edgar Online, source Glimpses