Bank of America Details

    Organization Logo

    Bank of America

    Charlotte, North Carolina216823 employees • Financials

    Industry

    Financials

    Security Incidents

    2

    Bank of America Corporation is a multinational investment bank and financial services holding company headquartered in Charlotte, North Carolina. Founded in 1904 as Bank of Italy by Amadeo Giannini, it has grown to become one of the largest banking institutions in the United States, providing a wide array of financial products and services, including consumer banking, wealth management, and corporate banking. The company serves approximately 66 million consumers and small business clients worldwide and operates through thousands of retail financial centers & ATMs, as well as digital banking pl...
    Show more

    Security Incidents

    Bank of America Breach of Nov 2023
    Severity Score
    Significant to High

    Type

    Ransomware Attack

    Summary

    In November 2023, a cybersecurity incident at Infosys McCamish Systems, a company closely associated with Bank of America, exposed customer data including Social Security numbers. Bank of America reported that customers' personal information such as names, addresses, dates of birth, and Social Security numbers may have been compromised, affecting approximately 57,028 customers. Despite investigations by third-party forensic firms, it remains uncertain which personal information was accessed, highlighting the ongoing challenge of securing data in the face of third-party breaches.

    Severity

    This data breach at Infosys McCamish Systems, a service provider for Bank of America, exposed sensitive personal information, including names, addresses, social security numbers, and financial details, of approximately 57,028 individuals. This breach underscores the severity of cybersecurity threats faced by financial institutions and their service providers, potentially affecting millions of Bank of America's 69 million clients and exposing them to identity theft and financial fraud. Despite Bank of America's systems remaining uncompromised, the incident highlights the interconnectedness of c...
    Show more

    Impact

    The data breach at Infosys McCamish Systems in November 2023 led to the exposure of personal information, including Social Security numbers, of over 57,000 Bank of America customers. This breach occurred when an unauthorized party, identified as the LockBit ransomware group, accessed the information through Infosys McCamish's systems, prompting Bank of America to provide identity theft protection to affected customers. Despite Bank of America's assertion that the breach affected Infosys McCamish's systems rather than its own, questions about responsibility remain, highlighting the complexities...
    Show more
    Bank of America Breach of May 2023
    Severity Score
    Moderate to Significant

    Type

    Unknown

    Summary

    In May 2023, Chase Bank experienced a security incident where a bug allowed unauthorized access to retirement plan records of 451,809 customers. This breach exposed sensitive information such as names, addresses, Social Security numbers, and bank account numbers. The issue gave full access to several "authorized system users" who were employed by JPMorgan customers or their agents. JPMorgan has since fixed the bug and is working to address the aftermath of the breach. The FBI and U.S. Secret Service are investigating the incident to determine the full scope of the breach and its impact on cust...
    Show more

    Severity

    The severity of the Chase Bank cyber security incident in May 2023 was significant, with a wave of cyber attacks targeting the bank. Fraudsters were noted to be increasingly sophisticated and quick in their tactics, posing a serious threat to the security of Chase Bank's systems and data.

    Impact

    The breach impacted sensitive financial and personal data belonging to hundreds of thousands of JP Morgan Chase's retirement plan members. Names, addresses, phone numbers, email addresses, and internal information related to users were compromised, affecting a large number of households and small businesses.