Bank of America, N.A. recently filed a notice of data breach with the Attorney General of Texas after discovering unauthorized access to confidential information through a third-party data breach at Infosys McCamish Systems LLC (“IMS”). The breach exposed sensitive information of consumers, including names, Social Security numbers, financial account details, addresses, and dates of birth.
The incident, which occurred on November 3, 2023, involved a cyberattack targeting Infosys, resulting in certain systems of IMS becoming inaccessible. Upon learning about the breach, IMS initiated an investigation with external data forensics specialists. Subsequently, on November 24, 2023, IMS informed Bank of America about the potential impact on data related to certain deferred compensation plans serviced by the bank.
Bank of America clarified that its own computer network was not compromised during the breach. Following the discovery of unauthorized access to consumer data, IMS conducted a review to identify the compromised information and affected individuals. Affected parties received data breach notification letters from Bank of America on February 6, 2024, detailing the compromised information.
The breach underscores the importance of safeguarding sensitive data and highlights the risks associated with third-party data breaches. Individuals affected by the breach are advised to take necessary precautions to protect themselves from potential fraud or identity theft.
Bank of America, N.A., headquartered in Charlotte, North Carolina, is one of the largest financial services companies in the United States, offering a range of banking and investment services. Infosys McCamish Systems LLC, based in Atlanta, Georgia, is a subsidiary of Infosys Limited, a global provider of IT and consulting services based in India.
