PWSHub News

Infosys subsidiary named as source of Bank of America leak

Indian tech services giant Infosys has been named as the source of a data leak suffered by the Bank of America.

Infosys disclosed the breach in a November 3, 2023, filing [PDF] that revealed its US subsidiary Infosys McCamish Systems LLC (IMS) "has become aware of a cyber security incident resulting in non-availability of certain applications and systems in IMS."

A data breach notification filed in the US state of Maine this week describes the incident as "External system breach (hacking)" and reveals the improperly accessed data includes "Name or other personal identifier in combination with: Social Security Number."

The notification was submitted by an outside attorney working on behalf of the Bank of America, names IMS as the source, and revealed that information on 57,028 people was leaked.

A sample of the letter [PDF] sent to those impacted by the incident reveals that on November 24, "IMS told Bank of America that data concerning deferred compensation plans serviced by Bank of America may have been compromised. Bank of America's systems were not compromised."

  • India's big four services giants soar on demand for AI
  • Infosys co-founder doubles down on call for 70-hour work weeks
  • Working from home never looked better: Leopard stalks around Infosys and TCS campuses
  • Wipro: Get back to the office for three days a week or else

Things then get a bit scary: "It is unlikely that we will be able to determine with certainty what personal information was accessed as a result of this incident at IMS. According to our records, deferred compensation plan information may have included your first and last name, address, business email address, date of birth, Social Security number, and other account information."

In other words, almost everything a fraudster needs to attempt identity fraud – a likely outcome of this event as the term "deferred compensation plan" describes private pensions, retirement savings plans, and awards of stock options.

The term can also describe payouts under life insurance policies, which The Register mentions as IMS bills itself as "the center of excellence for Infosys's Life Insurance software solutions and services offerings in the US."

The Register has asked Infosys to explain the incident. We've not received a response at the time of publication.

But we note that on November 4, 2023, an allegation emerged that the notorious LockBit ransomware-as-a-service gang was behind the incident at IMS.

Ransomware certainly fits the description of the incident.

Victims have been offered the usual advice – change passwords, watch your accounts for stuff you didn't do – and the customary two years of free identity theft protection services from Experian. ®


Related stories
1 week ago - Law enforcement's disruption of the LockBit ransomware crew comes as the criminal group was working on bringing a brand-new variant to market,...
1 week ago - The latest revelation from law enforcement authorities in relation to this week's LockBit leaks is that the ransomware group had registered nearly...
2 weeks ago - The Romanian national cybersecurity agency (DNSC) has pinned the outbreak of ransomware cases across the country's hospitals to an incident at a service provider. It said an unnamed service provider reported an issue prior to the flood...
2 weeks ago - Prudential Financial, the second largest life insurance company in the US and eight largest worldwide, is dealing with a digital break-in that exposed some internal company and customer records to a criminal group. The Fortune Global...
Other stories
15 minutes ago - One day the Vision Pro could exploit the technology to the fullIf you think Tim Cook has always led a charmed life at the helm of Apple, think...
46 minutes ago - You can get two Sonos Era 100 smart speakers for $88 off the normal price in a deal on Woot. It's almost as low as last year's Black Friday price.
46 minutes ago - Good afternoon from Las Vegas; I am here for The Netflix Slam, the streaming service’s latest live event. Netflix has tested live programming with...
46 minutes ago - Dear Amy: My brother and I have always had a tenuous relationship. Our father was abusive, but we are both in midlife and have led fairly successful...
1 hour ago - The Galaxy Z Fold 6 is one of 2024’s eagerly awaited handsets, and now we know more about Samsung’s plans to support the flagship foldable.
1 hour ago - Adding a soundbar to your TV is a great way to jazz things up with music streaming and voice capabilities. These are the best soundbars we’ve tested.