Nearly 30,000 Fidelity Investments Life Insurance customers have fallen victim to a massive data breach, as criminals managed to steal personal and financial information from Infosys’ IT systems last fall. The breach, which involved the theft of sensitive information such as bank account numbers, credit card details, and access codes, has left thousands of individuals at risk of potential financial fraud and identity theft.
According to documents filed with the Maine attorney general’s office, the hackers “likely acquired” information about 28,268 individuals’ life insurance policies after infiltrating Infosys’ systems. While Fidelity admits that it is unable to determine the full extent of the breach, they believe that the stolen data includes names, Social Security numbers, states of residence, bank account numbers, credit/debit card details, access codes, passwords, and dates of birth.
The stolen information provides criminals with everything they need to drain bank accounts, commit identity theft, or engage in unauthorized online transactions. The breach was reportedly orchestrated by the LockBit group, as they claimed responsibility for the intrusion shortly after Infosys disclosed the cyber incident affecting its US subsidiary, Infosys McCamish Systems.
Law enforcement authorities managed to shut down some of LockBit’s infrastructure in December, but the group’s resilience and ability to evade capture raise concerns about future cyber threats. This is not the first time Infosys has been at the center of a data breach, as they were also linked to a Bank of America leak last month involving the theft of sensitive customer information.
In addition to disrupting the IT services of both financial firms, it appears that the criminals managed to steal sensitive data from over 85,000 individuals. Fidelity has yet to respond to inquiries regarding the breach, while Infosys has been urged to provide more information about how the hackers gained access to their systems and the extent of the data breach.
The incident, which occurred between October 20 and November 2, has raised concerns about the security measures in place to protect customer information. Both Fidelity and BofA customers were affected by the breach, prompting a review of security protocols and investigation into the breach’s impact on the data maintained by Infosys. As the investigation continues, customers are advised to remain vigilant and monitor their financial accounts for any suspicious activity.