Late last week Bank of America Corporation disclosed a data breach affecting clients who have applied for the Paycheck Protection Program (PPP). Client information was exposed on April 22 when the bank uploaded PPP applicants’ details onto the US Small Business Administration’s test platform. The platform was designed to give lenders the opportunity to test the PPP submissions before the second round of applications kicked off. The breach was revealed in a filing made by Bank of America with the California Attorney General’s Office. As a result of the incident, other SBA-authorized lenders and their vendors were able to view clients’ information.
Experts Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Mark Bower, Senior Vice President, provides expert commentary at @Information Security Buzz.
"The missing piece here that could have saved the day was using de-identified data during the test run to avoid regulated data exposure...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/bank-of-america-admits-paycheck-protection-program-data-breach-enterprise-security-expert-mark-bower-comments
Facebook Message
@Mark Bower, Senior Vice President, provides expert commentary at @Information Security Buzz.
"The missing piece here that could have saved the day was using de-identified data during the test run to avoid regulated data exposure...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/bank-of-america-admits-paycheck-protection-program-data-breach-enterprise-security-expert-mark-bower-comments