Bank of America is warning customers of a data breach following a security breakdown at Infosys McCamish Systems, a provider of services for deferred compensation plans at the bank.
On or around November 3, 2023, IMS was impacted by a cybersecurity event when an unauthorised third party accessed IMS systems.
Bank of America customer information (PII) exposed in the security breach includes the affected individuals' names, addresses, social security numbers, dates of birth, and financial information, including account and credit card numbers.
IMS says the hack exposed the personally identifiable data of 57,028 people, but insists it has found no evidence of continued threat actor access, tooling, or persistence in the IMS environment.
Bank of America says that, "out of an abundance of caution", it is enrolling affected customers in a complimentary two-year membership of identity theft protection services provided by Experian.
The bank has just released figures showing that throughout 2023 clients connected with their finances more than 23.4 billion times through a combination of digital logins and proactive alerts - an 11% increase year over year and all-time record.