Bank of America’s web site was, um, compromised for a period of time today.
During that period, people had access to full information on Bank of America customers.
http://jalopnik.com/#!5758997/…
… when she logged into her Bank of America account earlier this evening she saw, rather than her credit card account, the mortgage and home equity account of someone else. That’s right, Bank of America was showing her, instead of her own credit card account, the accounts for a Bank of America account holder in Randolph, NJ. The only similarity between the two? The same last name.
The full extent of the issue has not been made public, so it’s unclear how many accounts were exposed and whether everyone with internet access could gain access to the exposed customers’ accounts, or if only those who logged in with an existing customer account had access to other customer accounts.
However, that’s a moot point, because any hackers out there watching for vulnerabilities could very well have exploited this problem (and of course, hackers could have caused the problem to begin with, for all we know).
As a result, if you’re a Bank of America customer for your bank account, credit card, mortgage, etc., you should consider requesting an “Initial Fraud Alert” on your credit to prevent identity theft.
An Initial Fraud Alert is used by credit ratings agencies to alert banks, lenders, and other potential creditors that your personal information may have been stolen, and requires them to contact you directly, using specific contact information before granting any credit in your name. (This will prevent people, for example, using one of those unsolicited credit card offers to take out a new credit card in your name using the stolen information).
You do NOT want to be subject to identity theft.