BreachExchange mailing list archives
Bank of America reveals data breach in PPP application process
From: Destry Winant <destry () riskbasedsecurity com>
Date: Tue, 26 May 2020 09:22:27 -0500
https://www.bizjournals.com/charlotte/news/2020/05/26/bank-of-america-discloses-ppp-data-breach.html Bank of America Corp. (NYSE: BAC) has revealed a possible data breach on business clients' information for the Paycheck Protection Program. The breach occurred on April 22, as BofA uploaded PPP applications onto the U.S. Small Business Administration's test platform, according to a filing with the California Attorney General's Office. The limited-access platform allowed lenders to test PPP submissions before the process began. Charlotte-based BofA said application information may have been visible to other SBA-authorized lenders and their vendors. "There is no indication that your information was viewed or misused by these lenders or their vendors. And your information was not visible to other business clients applying for loans, or to the public, at any time," BofA said. Compromised information could include business details, such as an address or tax identification number, or a business owner's information, such as name, address, Social Security number, phone number, email and citizenship status. The bank said the data breach did not affect the applications' submission to the SBA. It asked the SBA to remove the visible information that same day, according to the filing. BofA said it also conducted internal investigations. It is offering a free two-year membership for Experian identify theft protection, which includes daily credit monitoring and surveillance. It did not say how many customers were affected. Clients should monitor their accounts for the next one to two years, BofA said. The bank offers more safety tips at www.bankofamerica.com/privacy. "Keeping your information confidential is one of our most important responsibilities. We are notifying you so we may work together to protect your personal and business information," BofA said in the filing. The SBA's PPP launched on April 3 as a forgivable loan program to help businesses struggling amid the Covid-19 pandemic. Congress has set aside nearly $660 billion for the program, including a second round that began on April 27. The SBA has so far approved more than 4.4 million loans totaling $511.2 billion. There are more than 5,500 participating lenders. Federal agency set to lay off nearly 1,000 KC-area workers BofA said it has processed more than 305,000 PPP loans exceeding $25 billion. It was the first large lender to launch its online PPP portal. As of May 18, BofA had funded about 8,300 PPP loans totaling $556 million for North Carolina business owners. That's out of 8,700 loan approvals. BofA had provided Charlotte-area businesses with more than $273 million in PPP relief. Average loan size in Charlotte is about $67,000. Customers with questions or concerns are asked to contact BofA's privacy response unit at 1-800-252-2867. Customers can also call 1-800-432-1000 if they spot unauthorized activity on their accounts. _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Bank of America reveals data breach in PPP application process Destry Winant (May 26)