New Data Breach Affected Some Bank Of America Loan Applicants

May 30, 2020

Written by wukovits

If you’re like many business owners, you may have recently applied for a loan through the Paycheck Protection Program (PPP) which was one of the COVID-19 relief funds established by the Federal government in response to the global pandemic.

If you applied for that loan through Bank of America, be advised that the company recently disclosed a security incident that impacted its online platform for processing those loan requests. The company says that it is possible that other lenders or organizations may have temporarily had access to significant portions of your application data.

The breached data included, but was not limited to:

  • Your business’ name and physical address
  • Designated company contact officials
  • Your firm’s Tax Identification Number
  • The name of the company owner
  • The Social Security Number of the company owner, as well as the owner’s email address, phone number and citizenship

Based on the initial findings of an investigation into the matter, Bank of America says that an SBA test server was at the root of the problem.

Per a company spokesman, “…this platform was designed to allow authorized lenders to test the process for submitting PPP applications to the SBA prior to the actual submission process.”

The company’s official words on the matter makes the issue seem rather insignificant, but there’s more. Some business owners have reported that when they logged back into the system to check the status of their loan application, they could see the details of other loan applicants in their dashboard. That means that potentially, many more people than just ‘authorized lenders’ may have seen the details of your loan application.

The investigation is still ongoing, and so far, Bank of America has declined to comment on the growing number of reports described above, or offered any additional information. If you submitted your application to the PPP loan program by way of Bank of America, just be advised that for a brief period of time, others may have gained access to your application details, and that the problem that caused it has now been solved.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.