/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow Us/dq/media/post_banners/wp-content/uploads/2017/03/datab.jpg)
Bank of America
According to records filed with the Maine Attorney General in the United States, Bank of America identified Infosys McCamish Systems as the source of a data breach that affected 57,028 clients. Infosys McCamish Systems (IMS) is Infosys' step-down subsidiary. The notification, sent on behalf of Bank of America, defines the incident as an "external system breach (hacking)" and the information obtained as "name or another personal identifier in combination with social security number."
The overall number of people affected
According to the data breach report, the overall number of people affected (including residents) is expected to be 57,028, with 93 Maine residents affected. According to the notification, the breach happened on 29 October 2023 and was discovered on 30 October 2023. An outside counsel for Bank of America (BofA) submitted a notification to the Office of the Maine Attorney General naming IMS.
A cybersecurity event impacted IMS
A letter attached to the disclosure stated, "On or around 3 November 2023, IMS was impacted by a cybersecurity event when an unauthorised third party accessed IMS systems, resulting in the non-availability of certain IMS applications." On 24 November 2023, IMS notified Bank of America that data relating to deferred compensation programs handled by Bank of America might have been compromised.
A cybersecurity incident resulted in the unavailability of specific applications and systems in IMS
"Bank of America's systems were not compromised." It is worth noting that on 3 November 2023, Infosys informed the stock exchanges that Infosys McCamish Systems, a subsidiary of Infosys BPM (a wholly-owned subsidiary of Infosys), had become aware of a cybersecurity incident that resulted in the unavailability of specific applications and systems in IMS.
Infosys Take
"Data protection and cybersecurity are critical to us. We are working with a prominent cybersecurity solution vendor to remedy this as soon as possible, and we have also begun an independent investigation with them to determine the potential impact on systems and data," Infosys stated.