Infosys McCamish Systems (IMS), a subsidiary of Infosys specializing in life insurance and retirement solutions, recently faced a cybersecurity incident resulting in the disruption of applications and the compromise of information belonging to 57,028 individuals, including clients such as Bank of America. The attack, detected around October 29th, 2023, involved threat actors accessing IMS systems and launching disruptive actions. IMS’s consumer notice indicates uncertainty about the specific compromised data but highlights potential exposures, including names, addresses, business email addresses, dates of birth, Social Security Numbers, and other account information.
Despite IMS’s notification to Bank of America about potential impacts, subsequent investigations revealed no breach within the bank’s systems. However, the full scope of the breach remains uncertain, and IMS may not have identified the complete impact figure. Affected parties, including IMS associates and organizations connected to IMS, are advised to bolster their cybersecurity measures. Individuals should focus on securing accounts with robust passwords and multi-factor authentication, while business associates must review systems for vulnerabilities and update access permissions. IMS’s response to the breach may have prevented direct access to Bank of America but highlights the importance of safeguarding data from potential misuse.
