Data Breach at Bank of America
upstart writes in with an IRC submission:
Data Breach at Bank of America:
Bank of America Corporation has disclosed a data breach affecting clients who have applied for the Paycheck Protection Program (PPP).
Client information was exposed on April 22 when the bank uploaded PPP applicants' details onto the US Small Business Administration's test platform. The platform was designed to give lenders the opportunity to test the PPP submissions before the second round of applications kicked off.
The breach was revealed in a filing made by Bank of America with the California Attorney General's Office. As a result of the incident, other SBA-authorized lenders and their vendors were able to view clients' information.
Data exposed in the breach consisted of details relating not only to individual businesses, but also to their owners. Compromised data may have included the business address and tax identification number along with the owner's name, address, Social Security number, phone number, email address, and citizenship status.
[...] In a breach notification document, a spokesperson for the bank said: "There is no indication that your information was viewed or misused by these lenders or their vendors. And your information was not visible to other business clients applying for loans, or to the public, at any time."
[...] Bank of America is offering clients affected by the breach free two-year membership of Experian's identity theft protection program.
Disclaimer: SoylentNews PBC has an account with Bank of America, but has not made an application to the PPP. In fact, since all SoylentNews staff are volunteers and have never been paid for their services, there was never any need or reason to apply for PPP.
Read more of this story at SoylentNews.