Bank of America says data breach occured at other company

The data appears to come in part from a security contractor working with the bank

Bank of America blamed a data breach on another company that revealed internal emails related to monitoring of hacktivist groups including Anonymous.

A group affiliated with Anonymous, which calls itself the "Anonymous Intelligence Agency: Par:AnoIA" released what it claims is 14GB of data belonging to the bank and other organizations, including Thomson Reuters, Bloomberg and TEKsystems.

Email correspondence in the data suggests that TEKsystems was a contractor working for Bank of America and charged with monitoring public activity by hacker networks targeting the bank.

In a statement, Bank of America did not confirm it was working with TEKsystems, an IT consultancy that is part of the Allegis Group. But it said the source of the data came from a third party. Bank of America said its own systems were not compromised.

"In this instance, a third-party company was compromised," Bank of America said Wednesday. "This company was working on a pilot program for monitoring publicly available information to identify information security threats."

Officials with TEKsystems and Allegis group could not be immediately reached.

In a news release, Par:AnoIA said the data came from an unsecured server in Tel Aviv. "The source of this release has confirmed that the data was not acquired by a hack but because it was stored on a misconfigured server and basically open for grabs," the group said.

Large corporations have become increasingly interested in monitoring social networks and hacker forums for indications that they may come under attack. Companies that specialize in that kind of monitoring have also been targeted by groups such as Anonymous.

HB Gary Federal, a California security consultancy, was compromised by Anonymous in 2011 after the company had researched the real identities of some Anonymous members. That breach disclosed emails describing a proposal to help Bank of America's law firm, Hunton and Williams, discredit the whistle-blowing site WikiLeaks.

For its part, the banking industry has drawn the ire of Anonymous since it cut off payment processing of donations to WikiLeaks.

Par:AnoIA's data dump includes a batch of more than 500 emails with brief reports on the Occupy Wall Street movement and hacking groups such as TeaMp0isoN and UGNazi. It also contained briefings on public releases of credit-card numbers. The sources for the information were public sources, including Twitter, Pastebin and The Pirate Bay, according to the emails.

The data also included a special file listing of four intelligence analysts who authored some of the emails, including three who work for TEKsystems and one who formerly worked for Bank of America.

All four have deleted their LinkedIn profiles, but the profiles still appear in Google's cache. One analyst's profile was live as recently as three days ago.

Par:AnoIA said its release also includes the application OneCalais, which collects unstructured information from news stories, blogs and research reports. The software is made by ClearForest, an Israeli company owned by Thomson Reuters. Officials with Thomson Reuters and ClearForest could not be immediately reached.

The compromised data also contained salary information on executives, although much of it appears to be publicly available.

Send news tips and comments to Follow me on Twitter: @jeremy_kirk

Join the CSO newsletter!

Error: Please check your email address.

Tags Bank of AmericasecurityAllegis GroupThomson ReutersTEKsystemsBloomberg

More about AllegisBloombergClearForestGoogleReuters AustraliaThomsonWall Street

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jeremy Kirk

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts