The Case At Hand
In November of 2021, Bank of America was hacked by the LockBit ransomware group, and the sensitive data of thousands of accounts was compromised [1]. Although the methods the hackers used are unknown, what is known is they infiltrated Infosys McCamish’s system, and 57,028 accounts were affected [3]. The breach occurred on November 3rd, and Infosys McCamish notified Bank of America of the breach on November 24th, several weeks later.
The Harms/Benefits Caused
The information contained in the data breach included things like names, addresses, dates of birth, social security numbers, and business email addresses, among other forms of personal information [2]. These forms of information being released out in the open puts people at risk for identity theft and other terrible circumstances.
How to Deal With Them
Two-factor authentication, or 2FA, is a security system that requires two forms of authentication before allowing access to whatever data is being protected [6]. For example, requiring a password or PIN (personal identification number) as well as a code sent to the users smartphone, can be sufficient; even a fingerprint works in some cases. This latter example comes from a form of verification known as biometric authentication, which can use your face, fingerprint, or retina to verify the user's identity [6]
VPNs, or virtual private networks, allow you the browse data in a way that is anonymous and untraceable, so your history surrounding sensitive information cannot be traced or tampered with. By connecting you to a remote server, it encrypts your activities and disguises your IP address [4]. Hackers can gain access to your personal data using your search history, so having it protected while you browse is not such a bad thing to consider.
“Penetration testing” is another way to protect your system, and it is something that Bank of America should maybe look into. It is when a cybersecurity expert (a.k.a an “ethical hacker” tests your system's security by quite literally hacking into it and searching for weaknesses that real hackers could and would use to gain access to your information [5]. They utilize methods such as phishing, or even direct attacks on the system, to identify any gaps in the system security that they can. Naturally, after all the tests have concluded they report back to the company what kind of improvements they could make to their systems defenses.
Tips and Tricks From Fellow Victims
Occasionally we will be sitting in a room together as a family and Siri will randomly activate and write things down that we are saying in voice-to-text form, despite us not prompting it to.
An anonymous friend
Sometimes when I am talking with a friend about something I need or want, an ad for that very thing will pop up on my screen as if my phone knows I want it.
An anonymous friend
For a full list of our clients and projects, view our client portfolio.
Credits:
Created with images by • stockmedia - CCTV Split Screen Surveillance Security Camera Background • allvision - gap obstacle • Andy Dean - Pros and Cons Green Road Sign Over Clouds • tashatuvango - Folder in Catalog Marked as Solutions • Roey - Close-up of smartphone screen with privacy lock icon and hand partially covering it, highlighting the significance of phone security and personal data protection. • Watie2781 - Close-up of a confidential document with the word "Confidential" magnified by a glass, emphasizing privacy and security.