Bank of America is alerting its customers about a data breach that occurred due to a security lapse at Infosys McCamish Systems, a company that provides services for deferred compensation plans at the bank.

Around November 3, 2023, Infosys McCamish Systems experienced a cybersecurity incident where an unauthorized third party gained access to its systems.

The breach compromised Bank of America customer information, including names, addresses, social security numbers, dates of birth, and financial details such as account and credit card numbers.

According to Infosys McCamish Systems, the breach exposed the personally identifiable information of 57,028 individuals. However, they assert that they have not found any evidence of ongoing access by threat actors or any tools left behind in their environment.

As a precautionary measure, Bank of America is providing affected customers with a complimentary two-year membership to identity theft protection services offered by Experian.

Additionally, the bank has disclosed that in 2023, clients engaged with their financial accounts more than 23.4 billion times through digital logins and proactive alerts—a remarkable 11% increase compared to the previous year, setting an all-time record.