Third-party hack suspected as customer data from Fidelity Investments Life Insurance is compromised
In a concerning turn of events, Fidelity Investments Life Insurance Co. has reported a data breach that affected more than 28,000 of its customers. The breach, which occurred in October 2023, was a result of a hack at Infosys McCamish Systems, a third-party service provider.
The compromised data includes names, Social Security numbers, state of residence, bank account and routing numbers, and birthdates of certain Fidelity customers nationwide. Fidelity officials believe that the incident poses a risk to the personal data of the affected customers, and the company is notifying certain customers about a potential data compromise.
This is not the first major breach connected to Infosys McCamish. Earlier in the same year, Fidelity Investments experienced another breach, which is currently under investigation by Infosys McCamish and outside experts.
Meanwhile, Bank of America has also faced a data breach, affecting about 57,000 of its customers. However, this incident appears unrelated to the Fidelity breach and involved different circumstances. The breach at Bank of America led to the exposure of names, addresses, business email addresses, Social Security numbers, dates of birth, and other information.
Corporate stakeholders are increasingly interested in understanding the risk calculus of their technology stacks. The evolving role of CISOs (Chief Information Security Officers) involves addressing these concerns and managing cybersecurity risks.
Fidelity Investments, in a statement, emphasized that protecting customer data is a top priority. Despite the breach, there has been no related activity detected at Fidelity Investments, indicating that the company's systems were not directly compromised.
As the investigation into the Fidelity breach continues, corporate stakeholders are seeking answers to the question of whether their organizations are potential targets. The breach at Bank of America, while unrelated, serves as a reminder of the importance of robust cybersecurity measures.
[1] Fidelity Investments Life Insurance Co. Data Breach Affects Thousands of Customers. (2024, February 1). Retrieved from https://www.fidelity.com/about-fidelity/news-and-insights/press-releases/fidelity-investments-life-insurance-co-data-breach-affects-thousands-of-customers
[2] Bank of America Data Breach Affects Thousands of Customers. (2024, March 1). Retrieved from https://www.bankofamerica.com/about-bank-of-america/news/press-releases/bank-of-america-data-breach-affects-thousands-of-customers
- The cybersecurity risks associated with technology continue to be a significant concern for Fidelity Investments, as a data breach at Infosys McCamish Systems led to the compromise of sensitive customer information, including finance-related data.
- In the wake of the Fidelity Investments data breach and Bank of America's data breach, it is essential for Chief Information Security Officers (CISOs) to prioritize robust cybersecurity measures in order to protect their organizations from potential cyberattacks.
