SoylentNews is people
SoylentNews
Submission Preview
Data Breach at Bank of America
████ # This file was generated bot-o-matically! Edit at your own risk. ████
Data Breach at Bank of America [infosecurity-magazine.com]:
Bank of America Corporation has disclosed a data breach affecting clients who have applied for the Paycheck Protection Program (PPP).
Client information was exposed on April 22 when the bank uploaded PPP applicants' details onto the US Small Business Administration's test platform. The platform was designed to give lenders the opportunity to test the PPP submissions before the second round of applications kicked off.
The breach [bizjournals.com] was revealed in a filing made by Bank of America [bankofamerica.com] with the California Attorney General's Office. As a result of the incident, other SBA-authorized lenders and their vendors were able to view clients' information.
Data exposed in the breach consisted of details relating not only to individual businesses, but also to their owners. Compromised data may have included the business address and tax identification number along with the owner's name, address, Social Security number, phone number, email address, and citizenship status.
Bank of America, which is headquartered in Charlotte, North Carolina, said that access to the information was limited.
In a breach notification document, a spokesperson for the bank said: "There is no indication that your information was viewed or misused by these lenders or their vendors. And your information was not visible to other business clients applying for loans, or to the public, at any time."
The bank neglected to share any specifics of which applicants were affected by the breach, stating only that it was a "small number" of clients. The exposed data was drawn from a pool of nationwide applications, meaning that businesses in multiple states may have been impacted.
More than 305,000 PPP relief applications have been processed by Bank of America with the SBA.
Upon discovering the breach, the bank asked the Small Business Administration to remove the visible information. According to the filing, the SBA resecured the exposed data within one day of its being accidentally exhibited.
The bank said that the PPP application and submission processes were not affected by the cybersecurity mishap. An internal investigation has been launched to determine how the data came to be exposed.
Bank of America is offering clients affected by the breach free two-year membership of Experian's identity theft protection program.
What’s Hot on Infosecurity Magazine?
- Read [javascript]
- Shared [javascript]
- Watched [javascript]
- Editor's Choice [javascript]
NewsNewsData Breach at Bank of America [infosecurity-magazine.com]NewsNewsLawyers Aim £18bn Class Action Suit at easyJet [infosecurity-magazine.com]NewsNewsWishbone Breach: 40 Million Records Leaked on Dark Web [infosecurity-magazine.com]NewsNewsDNS Traffic Analysis Detects Hidden DDoS Attacks [infosecurity-magazine.com]NewsNewsCISSP Qualification Given Cert Status Equivalent to Master’s Degree Level [infosecurity-magazine.com]NewsNewsMicrosoft Warns of “Massive” #COVID19 RAT [infosecurity-magazine.com]NewsNewsIntelligence Gateway Launches to Compile Malicious #COVID19 URLs [infosecurity-magazine.com]NewsNewsC-Level Executives the Weakest Link in Organizations’ Mobile Security [infosecurity-magazine.com]NewsNewsCyber-Criminals Impersonating Google to Target Remote Workers [infosecurity-magazine.com]WebinarWebinarWebinarThe Impact of Artificial Intelligence on Cyber-Resilience [infosecurity-magazine.com]NewsNewsCheck Point Unmasks Hacktivist Who Defaced Nearly 5000 Sites [infosecurity-magazine.com]NewsNewsRansomware Demands Soared 950% in 2019 [infosecurity-magazine.com]WebinarWebinarWebinarAvoiding the Security Pitfalls of Digital Transformation [infosecurity-magazine.com]WebinarWebinarWebinarInfosecurity Magazine's Women In Cybersecurity - Virtual Event [infosecurity-magazine.com]WebinarWebinarWebinarZero-Trust Security: Making Remote Working, Work [infosecurity-magazine.com]WebinarWebinarWebinar#WFH and Network Security – Lessons Learned So Far [infosecurity-magazine.com]WebinarWebinarWebinarProtecting your Organization Against Phishing Attacks [infosecurity-magazine.com]WebinarWebinarWebinarSafeguarding Your Digital Transformation with Detection and Response [infosecurity-magazine.com]InterviewInterviewInterview: Aman Johal, Lawyer and Director, Your Lawyers [infosecurity-magazine.com]BlogBlogWho is Responsible for End-of-Life Data Destruction? [infosecurity-magazine.com]News FeatureNews FeatureGDPR: The First Two Years and Future Challenges [infosecurity-magazine.com]SlackspaceSlackspaceSCANimals [infosecurity-magazine.com]News FeatureNews FeatureTop Ten: Things Learned from Two Years of GDPR [infosecurity-magazine.com]OpinionOpinionBank Data Integrity and #COVID19: Stop Copying Your Data! [infosecurity-magazine.com]
Please wait…
