Data Breach - Bank of America Warns Clients & Customers

Bank of America is warning customers of a cyber attack and is sending notification letters to 57,000 customers to inform them that their personal information was stolen in a data breach that is  exposing their personal information after Infosys McCamish Systems (IMS), one of its service providers, was hacked last  November.

The exact number of Bank of America customers impacted by the breach, including personally identifiable information such as social security numbers, account numbers, date of birth and addresses, has not been confirmed.

Bank of America serves approximately 69 million clients at over 3,800 retail financial centers and through approximately 15,000 ATMs in the United States, its territories, and more than 35 countries.

"Or around November 3, 2023, IMS was impacted by a cybersecurity event when an unauthorised third party accessed IMS systems, resulting in the non-availability of certain IMS applications," the breach notification says.

"On November 24, 2023, IMS told Bank of America that data concerning deferred compensation plans serviced by Bank of America may have been compromised. Bank of America's systems were not compromised.... It is unlikely that we will be able to determine with certainty what personal information was accessed as a result of this incident at IMS."

LockBit Ransomware Attack On IMS

The November security breach led to a "non-availability of certain applications and systems in IMS," as explained when the incident was first disclosed in a filing with the US Securities and Exchange Commission. On November 4th, the LockBit ransomware gang claimed responsibility for the IMS attack, saying that its operators encrypted over 2,000 systems during the breach.

The LockBit ransomware-as-a-service (RaaS) operation came to light in September 2019 and has since targeted many high-profile organisations, including the UK’s Royal Mail and others.  Lockbit was most recently in the news resulting from a combined US and UK law enforcement operation which impounded the RaasS website. 

Maine Attorney General     |     Document Cloud     |     Security Week     |     Twitter     |   Bleeping Computer     |   

 Forbes     |     Infosys     |     Maine Attorney General

You Might Also Read: 

Lockbit's Website Taken Down By Law Enforcement:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Nation State Hackers Deploy AI
Surge in “Hunter-Killer” Malware »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

WIRED

WIRED

WIRED is the magazine about what's next – the people, the trends and the big ideas that will change our lives. Topics covered include cyber security.

JLT Specialty

JLT Specialty

JLT Specialty is a leading specialist insurance broker. Services offered include Cyber Risks insurance.

Computing Technology Industry Association (CompTIA)

Computing Technology Industry Association (CompTIA)

CompTIA is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy.

Miratech

Miratech

Miratech is a global IT services and consulting organization offering a full range of IT infrastructure solutions and services including cyber security.

Totaljobs

Totaljobs

Totaljobs is the UK’s largest hiring platform. We have over 280,000 live jobs adverts on our site, helping you to find any type of job in any industry, including cybersecurity.

Rule4

Rule4

Rule4 is a global professional services firm that provides practical, real-world knowledge and solutions in areas including cybersecurity, AI, Machine Learning and industrial control systems.

OpenZeppelin

OpenZeppelin

OpenZeppelin builds developer tools and performs security audits for distributed systems that power multimillion-dollar economies.

EBRAND Services

EBRAND Services

EBRAND, the European experts for brand protection on the Internet. We offer a full set of services including cybermonitoring, fighting counterfeiting offences and online security.

KETS Quantum Security

KETS Quantum Security

KETS harnesses the properties of quantum mechanics to solve challenging problems in randomness generation and secure key distribution and enable ultra secure communications.

Dazz

Dazz

Dazz is the cloud security remediation platform for smart security and development teams.

Sure Valley Ventures

Sure Valley Ventures

Sure Valley Ventures is an entrepreneur led venture capital fund focused on helping software entrepreneurs grow and scale businesses that will have a global impact.

ATSG

ATSG

ATSG is a global leader in transformational technology solutions for today’s digital enterprise. Cybersecurity ranging from Advisory & Assessment to Fully Managed Detection and Response Services.

FutureRange

FutureRange

Specialising in IT Managed Services, Cybersecurity and Digital Transformation, FutureRange experts provide professional IT services for clients throughout Ireland and beyond.

ZEST Security

ZEST Security

The ZEST platform natively integrates into your technology stack to make efficient risk remediation possible.

Cylerian

Cylerian

Cylerian is a Next Generation SaaS Security Platform - One unified cloud platform to achieve your security, compliance, and operational objectives.

Virtual Cyber Labs

Virtual Cyber Labs

Virtual Cyber Labs is a 21st generation Cybersecurity Edu-Tech company that offers an all-in-one hub including custom syllabus and labs.