Bank of America (Bo...
Clear all

Bank of America (BoA) customer data breached in third-party data leak

1 Posts
1 Users
Brandon Lee
Posts: 542
Member Admin
Topic starter

Bank of America has alerted its customers about a significant data leak from a ransomware attack on Infosys McCamish Systems (IMS), a technology partner, in the fall of last year. This incident underscores the critical importance of safeguarding data and system access across third-party vendors. The breach affected at least 57,028 customers and occurred due to unauthorized access to IMS systems, leading to the temporary unavailability of certain applications. This breach was disclosed through a filing in Maine by IMS and a detailed letter issued to the impacted customers by Bank of America, which boasts around 69 million clients globally.

The disclosed timelines of the breach vary, with IMS stating the incident happened on October 29 and its discovery the next day, while Bank of America's communication mentioned the breach occurred around November 3. The ransomware attack rendered some systems within IMS's environment inaccessible. IMS offers insurance process management solutions and services, and the breach exposed sensitive customer data related to Bank of America's deferred-compensation plans. The compromised information potentially includes names, Social Security numbers, addresses, business email addresses, dates of birth, and other account details. However, IMS has expressed uncertainty over the exact scope of accessed personal information.

Shortly after the breach, on November 4, the LockBit ransomware group advertised the sale of stolen data from over 2,000 encrypted IMS systems on its Dark Web site, setting a deadline for ransom payment to avoid data leakage. The subsequent actions, whether a ransom was paid or if the data was leaked, remain unclear.

IMS notified Bank of America on November 24 about the potential compromise of data related to the bank's deferred-compensation plans, although Bank of America's own systems were not directly impacted by the breach. In response, IMS enlisted a third-party forensic firm to aid in its recovery efforts, focusing on containing the breach, system restoration, and bolstering its response strategies. To date, IMS has reported no evidence suggesting ongoing activities, tools, or presence of the threat actor within its environment.

Posted : 13/02/2024 12:15 pm