BofA Confirms Third-Party Breach

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.bankinfosecurity.com/bofa-confirms-third-party-breach-a-5582

By Tracy Kitten
Bank Info Security
March 5, 2013

Hacktivists are taking credit for a data breach impacting Bank of America 
- an incident the hackers claim allowed them to access employee and 
executive data stored through a third party.

"The data was retrieved from an Israeli server in Tel Aviv," says the 
hacktivist group Par:AnoIA, part of the Anonymous Intelligence Agency, in 
a release issued Feb. 27.

The group says it released 14 gigabytes of data, code and software related 
to BofA, Bloomberg, Thomson Reuters, TEKSystems and ClearForest.

ClearForest, a Thomson Reuters company based in Tel Aviv that provides 
business and data analytics, is the third-party service provider 
hacktivists claim was storing data on an open server.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.