A former Bank of America associate is reported to be responsible for theft of customer data that compromises sensitive personal information while leaving the bank with at least a $10 million loss.
Bank of America (NYSE: BAC) says that a now-former employee had provided customer information to scammers with no affiliation with the bank. The information was then used to commit fraud against the bank’s customers.
Roughly 300 customer accounts were compromised in Western states including California, said Bank of America spokeswoman Coleen Haggerty in a Los Angeles Times report.
Information that was obtained included “people’s names, addresses, Social Security numbers, phone numbers, bank account numbers, driver’s license numbers, birth dates, email addresses, mother’s maiden names, PINs, and account balances.”
Fraudsters reportedly used customer information to order checks sent to them to be used, according to the LA Times. With customers’ information, the criminals changed contact phone numbers and rerouted mailing addresses for the checks and proceeded to make purchases with fraudulent checks. Customers were left in the dark until unauthorized purchases were spotted in account transaction histories.
Victims of the data theft have been issued new accounts after they were notified of the breach. Bank of America is also offering 2 years of free credit monitoring. Additionally, stolen funds have been refunded to customer accounts.
According to the U.S. Secret Service in Los Angeles, 95 suspects have been apprehended in February 2011 in connection to the case. Bank of America reportedly learned of the security breach nearly one year ago. Investigators estimate a minimum $10 million loss for Bank of America.
Bank of America has made no official statement on the theft because the case is still under investigation.