Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
A data breach compromising customers’ personal information has been alerted by Bank of America to consumers following last year’s intrusion of Infosys McCamish Systems (IMS), one of its service partners.
Data exposed in the security breach include the names, addresses, social security numbers, birth dates, and even financial information (including account and credit card numbers) of customers, as per the details shared with the Attorney General of Texas.
Details About the Breach
The Bank of America has yet to disclose how many customers were impacted by the data breach, however, an IMS breach notification letter filed with the Attorney General of Maine on behalf of Bank of America emerged and revealed that a total of 57,028 customers were directly impacted by the cyberattack.
The notification says that IMS was attacked by the threat actors around November 3, 2023. An authorized third party was able to access the IMS systems, resulting in the non-availability of certain IMS applications.
On November 24, 2023, IMS told Bank of America that data concerning deferred compensation plans serviced by Bank of America may have been compromised. Bank of America’s systems were not compromised… It is unlikely that we will be able to determine with certainty what personal information was accessed as a result of this incident at IMS.
Infosys McCamish Systems Data Breach Notification (Source)
Who Is Behind the Attack? LockBit Claims It
When the incident was first reported in a filing with the U.S. Securities and Exchange Commission, it was said that the security compromise in November caused a “non-availability of certain applications and systems in IMS.”
LockBit ransomware gang claimed responsibility for the IMS attack, declaring that its operations were able to encrypt over 2,000 systems during the breach.
Infosys Entry on LockBit’s Site (Source)
The parent company of IMS, Infosys, is a massive global provider of IT consulting and services, with over 300,000 workers and clients in over 56 countries.
In the US, its territories, and more than 35 other countries, Bank of America provides services to about 69 million customers through roughly 15,000 ATMs and more than 3,800 retail financial centers.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.
Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.
