Security News > 2024 > March > Fidelity customers' financial info feared stolen in suspected ransomware attack

Criminals have probably stolen nearly 30,000 Fidelity Investments Life Insurance customers' personal and financial information - including bank account and routing numbers, credit card numbers and security or access codes - after breaking into Infosys' IT systems in the fall.

The US-headquartered firm says it "Believes" the data included: names, Social Security numbers, states of residence, bank accounts and routing numbers, or credit/debit card numbers in combination with access code, password, and PIN for the account, and dates of birth.

If the Fidelity security breach sounds familiar, it's because Infosys was also at the heart of a Bank of America leak disclosed last month.

Back then BofA told 57,028 of its customers that crooks may have swiped from Infosys names, addresses, business email addresses, dates of birth, Social Security number, and "Other account information."

The incident, according to letters sent to BofA and Fidelity customers, happened between October 20 and November 2, and disrupted Infosys-provided services to both financial institutions.

"Since learning of this event, we have been engaged with IMS to understand IMS's actions to investigate and contain the event, implement remedial measures, and safely restore its services," Fidelity assured its customers.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/03/05/fidelity_cyberattack/