Bank Of America Services Breakdown, 250K Twitter Accounts Hacked

Some of Bank of America's 40 million customers "were unable to access their online banking accounts, mobile payment systems or the company’s telephone call centers on Friday"

Untitled

Some of Bank of America's 40 million customers "were unable to access their online banking accounts, mobile payment systems or the company’s telephone call centers on Friday," reports the NYT. An internal breakdown, rather than a hacking attack, is suspected, but the bank continues to investigate.

More from Reuters:

Since last fall, U.S. bank websites have faced a blitz of "denial of service" attacks in which hacker activists disrupt operations by flooding them with information.

Customers logging into Bank of America's website on Friday received a message that said the site was "temporarily unavailable." Some customers took to Twitter to vent their frustrations.

Until...Twitter came under attack!

In a blog post titled "Keeping Our Users Secure" from Bob Lord, Twitter's Director of Information Security:

As you may have read, there’s been a recent uptick in large-scale security attacks aimed at U.S. technology and media companies. Within the last two weeks, the New York Times and Wall Street Journal have chronicled breaches of their systems, and Apple and Mozilla have turned off Java by default in their browsers.

This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users.
...
We also echo the advisory from the U.S. Department of Homeland Security and security experts to encourage users to disable Java on their computers in their browsers. For instructions on how to disable Java, read this recent Slate article.

This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.

About Diane Sweet

Diane Sweet's picture
Senior Editor, Lives in a gerrymandered district in Michigan.

Comments

We welcome relevant, respectful comments. Please refer to our Terms of Service for information on our posting policy.