Thursday , April 24 2025
Bank of America

Bank of America warns customers of data breach

infosecbulletin Tuesday , February 13 2024 Cyber Attack, Data Breach, Hot Topic

Bank of America is warning customers about a data breach that exposed their personal information due to a hack at one of its service providers, Infosys McCamish Systems (IMS), last year.

The customer’s personal information that was exposed in the security breach includes their names, addresses, social security numbers, dates of birth, and financial information, such as account and credit card numbers. These details were shared with the Attorney General of Texas.

SonicWall patched SSLVPN Vuln Allowing Firewall Crashing

By infosecbulletin / Thursday , April 24 2025
SonicWall has revealed a vulnerability in its SonicOS SSLVPN Virtual Office interface that could let remote attackers crash firewall appliances....
Read More
SonicWall patched SSLVPN Vuln Allowing Firewall Crashing

GitLab Releases Security Update For Multiple Vulns

By infosecbulletin / Thursday , April 24 2025
GitLab has announced a security advisory urging users to upgrade their self-managed installations right away. Versions 17.11.1, 17.10.5, and 17.9.7...
Read More
GitLab Releases Security Update For Multiple Vulns

ISPAB president “whatsapp” got hacked via phishing link

By infosecbulletin / Wednesday , April 23 2025
Imdadul Haque, the president of Internet Service Provider of Bangladesh (ISPAB) said, I automatically got back my WhatsApp account. What...
Read More
ISPAB president “whatsapp” got hacked via phishing link

Zyxel released patches 2 vulns in its USG FLEX H series firewalls

By infosecbulletin / Wednesday , April 23 2025
Zyxel Networks has issued critical security patches for two high-severity vulnerabilities in its USG FLEX H series firewalls. These flaws...
Read More
Zyxel released patches 2 vulns in its USG FLEX H series firewalls

South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked

By infosecbulletin / Wednesday , April 23 2025
South Korea's largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related...
Read More
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked

ChatGPT Develops Exploit for CVEs Before Public PoCs Share

By infosecbulletin / Wednesday , April 23 2025
Security researcher Matt Keeley showed that artificial intelligence can now develop working exploits for critical vulnerabilities before public proof-of-concept (PoC)...
Read More
ChatGPT Develops Exploit for CVEs Before Public PoCs Share

TP-Link Router Vulns Allow to Execute Malicious SQL Commands

By infosecbulletin / Tuesday , April 22 2025
Several vulnerabilities have been found in TP-Link routers, exposing users to serious security risks from SQL injection flaws in their...
Read More
TP-Link Router Vulns Allow to Execute Malicious SQL Commands

SSL.com’s domain validation system’s bug found: Hacker exploited

By infosecbulletin / Tuesday , April 22 2025
SSL.com has revealed a major security flaw in its domain validation system, which could enable attackers to acquire fake SSL...
Read More
SSL.com’s domain validation system’s bug found: Hacker exploited

Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals

By infosecbulletin / Tuesday , April 22 2025
Amazon has paused some data center lease negotiations for its cloud division, particularly in international markets, according to Wells Fargo...
Read More
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals

Hackers Exploit Zoom’s Remote Control Feature for System Access

By infosecbulletin / Monday , April 21 2025
ELUSIVE COMET is a threat actor conducting a sophisticated attack campaign that uses Zoom's remote control feature to access victims'...
Read More
Hackers Exploit Zoom’s Remote Control Feature for System Access

Bank of America has around 69 million clients in over 3,800 retail financial centers and through approximately 15,000 ATMs in the United States, its territories, and more than 35 countries.

Bank of America hasn’t said how many customers were affected by the data breach, but a notification letter filed with the Attorney General of Maine on behalf of the bank said that 57,028 people were directly affected.

“Or around November 3, 2023, IMS was impacted by a cybersecurity event when an unauthorized third party accessed IMS systems, resulting in the non-availability of certain IMS applications,” the data breach notification says.

“On November 24, 2023, IMS told Bank of America that data concerning deferred compensation plans serviced by Bank of America may have been compromised. Bank of America’s systems were not compromised.”

“It is unlikely that we will be able to determine with certainty what personal information was accessed as a result of this incident at IMS.”

LockBit claims ransomware attack on IMS:

The November security breach caused certain applications and systems in IMS to be unavailable, as reported in a filing with the U.S. Securities and Exchange Commission.

Source: Bleeping Computer

On November 4th, the LockBit ransomware gang claimed to the IMS attack. They stated that their members encrypted more than 2,000 systems during the breach.

Source: Bleeping computer, the register, Dataconomy

Check Also

Zoom's Remote Control Feature

Hackers Exploit Zoom’s Remote Control Feature for System Access

ELUSIVE COMET is a threat actor conducting a sophisticated attack campaign that uses Zoom’s remote …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin