Bank of America reports third party data breach impacting loan customers

Bank of America reports a data breach caused by unauthorized access to a third-party vendor's software systems. The incident was discovered on October 24, 2024, though the actual breach occurred on October 1, 2024.

Bank of America has conducted an internal investigation to determine the scope of affected data and confirmed the termination of unauthorized access. The bank has not disclosed the identity of this vendor or specific details about the security vulnerability that led to the breach.

The breach affected 414 individuals . The incident specifically impacted loan customers, and Bank of America claims that their own systems were not compromised during the breach. The exposed information includes:

• Names
• Addresses
• Phone numbers
• Passport numbers
• Social Security numbers
• Mortgage loan numbers

Bank of America officially notified affected customers on January 3, 2025 and is offering 24 months of complimentary identity theft protection and credit monitoring services through Experian.