Infosys subsidiary named as source of Bank of America data leak

Trending 2 weeks ago

Indian tech services elephantine Infosys has been named arsenic nan root of a information leak suffered by nan Bank of America.

Infosys disclosed nan breach successful a November 3, 2023, filing [PDF] that revealed its US subsidiary Infosys McCamish Systems LLC (IMS) "has go alert of a cyber information incident resulting successful non-availability of definite applications and systems successful IMS."

A information breach notification revenge successful nan US authorities of Maine this week describes nan incident arsenic "External strategy breach (hacking)" and reveals nan improperly accessed information includes "Name aliases different individual identifier successful operation with: Social Security Number."

The notification was submitted by an extracurricular lawyer moving connected behalf of nan Bank of America, names IMS arsenic nan source, and revealed that accusation connected 57,028 group was leaked.

A sample of nan letter [PDF] sent to those impacted by nan incident reveals that connected November 24, "IMS told Bank of America that information concerning deferred compensation plans serviced by Bank of America whitethorn person been compromised. Bank of America's systems were not compromised."

  • India's large 4 services giants soar connected request for AI
  • Infosys co-founder doubles down connected telephone for 70-hour activity weeks
  • Working from location ne'er looked better: Leopard stalks astir Infosys and TCS campuses
  • Wipro: Get backmost to nan agency for 3 days a week aliases else

Things past get a spot scary: "It is improbable that we will beryllium capable to find pinch certainty what individual accusation was accessed arsenic a consequence of this incident astatine IMS. According to our records, deferred compensation scheme accusation whitethorn person included your first and past name, address, business email address, day of birth, Social Security number, and different relationship information."

In different words, almost everything a fraudster needs to effort personality fraud – a apt result of this arena arsenic nan word "deferred compensation plan" describes backstage pensions, status savings plans, and awards of banal options.

The word tin besides picture payouts nether life security policies, which The Register mentions arsenic IMS bills itself arsenic "the halfway of excellence for Infosys's Life Insurance package solutions and services offerings successful nan US."

The Register has asked Infosys to explicate nan incident. We've not received a consequence astatine nan clip of publication.

But we statement that connected November 4, 2023, an allegation emerged that nan notorious LockBit ransomware-as-a-service pack was down nan incident astatine IMS.

Ransomware surely fits nan explanation of nan incident.

Victims person been offered nan accustomed proposal – alteration passwords, watch your accounts for worldly you didn't do – and nan customary 2 years of free personality theft protection services from Experian. ®