Data Breach at Bank of America
Data breaches seemingly occur every day, especially when it pertains to banks. When breaches happen, they have a significant impact on both banks and customers. Banks must mitigate the issue, conduct an investigation, and notify customers as soon as possible. While banks are taking backlash socially and financially, customers are forced to check and double check to see if they are a victim of attacks such as fraud as a result. Recently, Bank of America and some of its clients have become the latest characters in this scenario.
Bank of America partnered with the US Small Business Administration to test the signup process for the bank’s PPP (Paycheck Protection Program). The bank conducted this test to allow SBA lenders and third-party vendors to test the platform. Sounds simple enough, right? Well, on April 22nd, lenders and vendors were appalled at what they found. The test platform showed applicant’s business and personal names, their personal addresses, and even their Social Security Numbers.
Fortunately, the breach was fixed shortly after being discovered. According to Info Security, Bank of America’s breach notification stated: “There is no indication that your information was viewed was or misused by these lenders or their vendors. And your information was not visible to other business clients applying for loans, or to the public, at any time.”
Truthfully, time will tell if this breach will have an effect on the bank’s clients. Either way, this is a scenario that unfortunately happens too often. So, what can businesses do to avoid becoming a victim to data breaches? Below are a few ideas:
- Educating Employees.Believe it or not, a majority of attacks today are due to phishing. Educate your employees on how to recognize phishing methods (fake e-mails and phone calls), and what to do if they are unsure.
- Moving Data to a Cloud Provider.If your business does not have adequate knowledge or staff in-house, consider migrating to the cloud. Cloud providers are one of the most secure places to store data because of their strong cybersecurity stack.
- Implement MFA (Multi-Factor Authentication).Multi-Factor Authentication forces users to perform multiple steps in order to be granted gain access into their systems. This lowers the percentage of an attack because a cybercriminal would need more than one piece of info to gain access.
- Bring in an IT Consultant.Cybersecurity is constantly changing, and it’s difficult to keep up with the latest attacks and protection systems. An IT consultant can advise you on what solutions and strategies fit your company best.
If you’re interested in learning how to implement these suggested strategies, contact ushere.