Data breach at BNY Mellon vendor enabled hackers to steal sensitive information from clients placing them at permanent risk of identity theft.

On May 13, 2023, Bank of New York Mellon Corporation (“BNY Mellon”) filed a notice of data breach with the Attorney General of Massachusetts after learning that confidential information that had been entrusted to the company was leaked in what appears to be a third-party data breach. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names and Social Security numbers. After confirming that consumer data was leaked, BNY Mellon began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.

What Happened?

On November 30, 2022, BNY Mellon learned that one of its vendors had experienced a data breach in which the sensitive personal identifiable information in its systems may have been accessed. On March 23, 2023, BNY Mellon was granted access to conduct its own investigation to determine the amount and scope of the information involved. Through its investigation, BNY Mellon determined that an unauthorized actor may have accessed this sensitive information on November 30, 2022. On May 11, 2023, BNY Mellon began contacting individuals whose information may have been impacted. The type of information exposed includes:

• Name
• Social Security number
• Account number
• Address

What Is Known So Far

News of the BNY Mellon data breach is still fresh; however, what is known at this point comes from the company’s filing with the Attorney General of Massachusetts. According to this source, BNY Mellon recently determined that certain confidential information provided to the company was subject to unauthorized access. Based on the Massachusetts AG filing, it appears that the breach did not affect BNY Mellon’s computer system but instead involved unauthorized access to a third party’s IT system, such as a vendor. The name of the third party has not yet been released.

If you received a Notice Of Data Breach from Bank of New York Mellon Corporation, it is essential you understand what is at risk and what you can do about it. Financial institutions maintain a wealth of highly sensitive information on behalf of employees and clients. This makes them an ideal target for hackers looking to steal confidential consumer data, which they can then use to commit identity theft and other frauds. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the BNY Mellon data breach.

What Safety Measures Should Affected Individuals Take?

The aftermath of a data breach is, unfortunately, frequent fraud and identity theft. It’s possible that hackers may use the data for illegal purposes or sell it on the dark web to other bad actors. While it may take victims of a data breach months to learn about the incident, hackers often don’t waste time putting their newfound knowledge to use.

The security breach may not have been anything you could have prevented, but as a consumer, it is still in your best interest to know what to do to limit the fallout. To prepare for the possibility of a data breach, we have compiled a set of measures to complete immediately. This is not an exhaustive list. You may wish to take further precautions if your financial data has been compromised.

Refer to the BNY Mellon Notification Letter for Important Information.

A corporation has a duty to its consumers and the state authorities to inform them of a data breach. Once you get the data breach notice from BNY Mellon, you should go through the information provided by the company. In addition to the nature of the breach and the measures being taken to prevent such incidents in the future, the breach notification letter will contain information about any victims who have reported fraud or identity theft.

Sign Up for Free Credit Monitoring from Bank of New York Mellon

BNY Mellon is providing free credit monitoring services to all consumers who were affected by the hack. Typically, monthly fees for such services range from $20 to $40, but BNY Mellon is offering it for free for a period of two years.  Keeping an eye on your credit report might help you spot suspicious activity right away. Take advantage of the offer.

Keep an Eye on Your Finances and Credit

You still need to keep a close check on your finances and credit reports, even after signing up for a credit monitoring service. While it’s true that hackers don’t waste any time putting stolen information to use, there are times when they don’t have access to the information they need to carry out their intended crimes. Because of this, it’s possible that they’ll keep the information on hand until they can obtain the missing pieces of information. After a data breach has occurred, it is crucial to keep an eye on your accounts for a significant period of time (weeks or months). They may not utilize your information right away, but it doesn’t mean they won’t.

Put a Freeze on Your Credit and Set Up a Fraud Alert

Take advantage of the free protection services offered by the three major credit agencies, even if you believe credit monitoring and manual account monitoring are sufficient to prevent identity theft or fraud. If you freeze your credit report, no one will be able to access it without your permission. A fraud alert alerts businesses that check your credit report that your personal information may have been compromised.

Understand Your Legal Rights

If you are a victim of the BNY Mellon data breach, it is important that understand your legal rights and how you can protect yourself in the future. Please fill out the form below and a lawyer will contact you. There is no cost to you.

Tags: BNY Mellon   data breach   Data Privacy   Personal Identifying Information