Bank of America has issued a warning to customers regarding a data breach linked to a security incident at Infosys McCamish Systems (IMS), which provides services for the bank’s deferred compensation plans.
On or around November 3, 2023, IMS experienced a cybersecurity event where an unauthorized third party gained access to its systems. The breach resulted in the exposure of personally identifiable information (PII) for customers of Bank of America, including names, addresses, social security numbers, dates of birth, and financial details such as account and credit card numbers.
IMS reported that the data breach affected 57,028 individuals but asserted that there is no evidence of ongoing threat actor access or persistence within its environment. In response, Bank of America is proactively enrolling those affected in a complimentary two-year membership for identity theft protection services offered by Experian.
Additionally, the bank recently announced that throughout 2023, its clients engaged with their finances over 23.4 billion times through digital logins and proactive alerts, marking an 11% increase year over year and setting a new record.