BofA Confirms Third-Party Breach

Bank Spokesman: Customer Data is Secure

By , March 5, 2013.
BofA Confirms Third-Party Breach

Hacktivists are taking credit for a data breach impacting Bank of America - an incident the hackers claim allowed them to access employee and executive data stored through a third party.

See Also: The Evolution of Advanced Malware

"The data was retrieved from an Israeli server in Tel Aviv," says the hacktivist group Par:AnoIA, part of the Anonymous Intelligence Agency, in a release issued Feb. 27.

The group says it released 14 gigabytes of data, code and software related to BofA, Bloomberg, Thomson Reuters, TEKSystems and ClearForest.

ClearForest, a Thomson Reuters company based in Tel Aviv that provides business and data analytics, is the third-party service provider hacktivists claim was storing data on an open server.

"This incident shows how irresponsible companies handle the data," the hacktivist group says. "Even more alarmingly, the findings indicate that corporations like Bank of America are funding these operations."

The group says it released the data it retrieved on Pastebin and Twitter. "We release the received files in full to raise awareness to this issue and to send a signal to corporations and Governments that this is unacceptable," the hacktivists add.

Bank of America, in a March 5 response to BankInfoSecurity, confirms a third-party compromise is to blame for the data leak, although it does not identify the company that was breached.

"This company was working on a pilot program for monitoring publicly available information to identify information security threats," states BofA spokesman Mark Pipitone. "Bank of America systems were not compromised. Our customer data is secure."

Hacktivists say the data they accessed showed BofA and other companies had been collecting information about private citizens.

"We take seriously our role in protecting our customers, data and systems," BofA's Pipitone adds. "That includes our role in protecting customers from individuals and organizations working to disrupt our business."

Follow Tracy Kitten on Twitter: @FraudBlogger

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Industry News: Symantec Works with Narus

Leading this week's industry news roundup, Symantec has entered an agreement with Narus to provide...

Latest Tweets and Mentions

ARTICLE Industry News: Symantec Works with Narus

Leading this week's industry news roundup, Symantec has entered an agreement with Narus to provide...

The ISMG Network