TRENDING:

BofA Confirms Third-Party Breach

Bank Spokesman: Customer Data is Secure Tracy Kitten (FraudBlogger) • March 5, 2013    
BofA Confirms Third-Party Breach

Hacktivists are taking credit for a data breach impacting Bank of America - an incident the hackers claim allowed them to access employee and executive data stored through a third party.

See Also: Prescription for Savings: Pharmaceutical Innovator Trusts the Cloud to Make Medicine Affordable

"The data was retrieved from an Israeli server in Tel Aviv," says the hacktivist group Par:AnoIA, part of the Anonymous Intelligence Agency, in a release issued Feb. 27.

The group says it released 14 gigabytes of data, code and software related to BofA, Bloomberg, Thomson Reuters, TEKSystems and ClearForest.

ClearForest, a Thomson Reuters company based in Tel Aviv that provides business and data analytics, is the third-party service provider hacktivists claim was storing data on an open server.

"This incident shows how irresponsible companies handle the data," the hacktivist group says. "Even more alarmingly, the findings indicate that corporations like Bank of America are funding these operations."

The group says it released the data it retrieved on Pastebin and Twitter. "We release the received files in full to raise awareness to this issue and to send a signal to corporations and Governments that this is unacceptable," the hacktivists add.

Bank of America, in a March 5 response to BankInfoSecurity, confirms a third-party compromise is to blame for the data leak, although it does not identify the company that was breached.

"This company was working on a pilot program for monitoring publicly available information to identify information security threats," states BofA spokesman Mark Pipitone. "Bank of America systems were not compromised. Our customer data is secure."

Hacktivists say the data they accessed showed BofA and other companies had been collecting information about private citizens.

"We take seriously our role in protecting our customers, data and systems," BofA's Pipitone adds. "That includes our role in protecting customers from individuals and organizations working to disrupt our business."

Previous
Mobility: The Top Threats
Next
New Wave of DDoS Attacks Launched

About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.



Around the Network

Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.