Bank of America, one of the largest banking institutions in the United States, recently announced to its customers that a data breach had occurred due to a cyberattack targeting one of its service providers, Infosys McCamish Systems.
The Bank of America data breach, which transpired after the cyberattack on Infosys McCamish Systems LLC (IMS), has raised serious concerns about the security of personal information entrusted to financial institutions.
The Bank of America breach, which came to light on February 6, 2024, prompted Bank of America to take swift action, filing a notice of the data breach with the Attorney General of Texas.
The Bank of America Data Breach Links to Infosys McCamish Systems
According to the disclosure, unauthorized access to confidential information was made possible through the third-party breach at Infosys McCamish Systems.
The compromised data includes sensitive details such as names, Social Security numbers, financial account information, addresses, and dates of birth of affected consumers.
In response to the breach, Bank of America initiated a thorough investigation and promptly began notifying individuals whose information was impacted by the security incident.
The affected customers received Bank of America data breach notification letters outlining the extent of the compromise and steps they can take to safeguard their information.
While the exact number of affected customers has not been disclosed by Bank of America, Infosys McCamish Systems revealed in a filing with the Attorney General of Maine that over 57,000 individuals had their data exposed in the incident.
The Timeline of the Bank of America Data Breach
The timeline leading up to the Bank of America/Infosys McCamish data breach provides some insight into the sequence of events.
Infosys became aware of the cyberattack targeting its systems on November 3, 2023, which resulted in certain portions of IMS’s infrastructure becoming inaccessible.
Following this discovery, IMS launched an investigation in collaboration with external data forensics specialists.
On November 24, 2023, IMS notified Bank of America that data related to certain deferred compensation plans serviced by the bank may have been compromised. It’s important to note that at no point was Bank of America’s internal network compromised during the breach.
However, the Bank of America data breach did expose sensitive consumer information, prompting IMS to conduct a thorough review of the compromised files to identify affected individuals.
Bank of America’s proactive approach to addressing the breach, including the issuance of data breach notification letters, aims to mitigate the potential impact on affected customers.
These letters provide detailed information on the compromised data, empowering individuals to take appropriate steps to protect their personal information.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.