Close Close
Sign In
Newsletters
Popular Financial Topics Discover relevant content from across the suite of ALM legal publications From the Industry More content from ThinkAdvisor and select sponsors Investment Advisor Issue Gallery Read digital editions of Investment Advisor Magazine Tax Facts Get clear, current, and reliable answers to pressing tax questions
Luminaries Awards
Podcast Center Video Center Webcasts Resource Center Events
About ThinkAdvisor Contact Us Advertise With Us Asset & Logo Licensing Sitemap Terms of Service Privacy Policy Copyright © 2024 ALM Global, LLC. All Rights Reserved.
ThinkAdvisor
A hooded hacker uses a computer.

Retirement Planning > Saving for Retirement

Cyberattack on IT Firm Hits BofA and Northwestern Mutual

By Allison Bell

X
Your article was successfully shared with the contacts you provided.

The LockBit ransomware group may have data on 81,000 executives with nonqualified deferred compensation plans from Bank of America or Northwestern Mutual.

The companies notified the California and Maine attorneys general offices of LockBit worries in in reports filed earlier this month.

Newport Group uses Infosys McCamish systems to run the Bank of America and Northwestern Mutual NQDC plan programs. The LockBit group hit the Infosys McCamish systems on Oct. 29.

The systems held information about 57,028 participants in Bank of America NQDC plans and 24,518 participants in Northwestern Mutual plans.

What it means: Last summer, many clients received breach notices tied to the MOVEit file transfer system. Now, some will get breach notices from their NQDC plan providers.

LockBit: Investigators noticed LockBit in 2019. The group is known for its simple user interface, paying field hackers before the central organization, and taking victims’ data before encrypting the files and charging ransom to decrypt the files, according to the U.S. Treasury Department.

The Department of Justice announced Tuesday that the FBI, the U.K. National Crime Agency and other law enforcement agencies had disrupted the LockBit group by seizing many of its websites.

The attack: In November, the LockBit group announced on X, the service previously known as Twitter, that it had taken 50 gigabytes of Infosys McCamish data.

Bank of America and Northwestern Mutual are just two of the Infosys McCamish users affected. The companies emphasized that their own systems were not compromised.

Bank of America said the attackers could have plan participants’ names, email addresses, birth dates and Social Security numbers.

Northwestern Mutual said that it has no evidence that the LockBit group took its participants’ information but that determining what the group does have could take months.

Bank of America offered plan participants 24 months of free Experian identity monitoring services.

Northwestern Mutual plan participants will get 12 months of Experian services from Northwestern Mutual and 12 months from Newport.

Reactions: Bank of America declined to comment.

Infosys McCamish and Ascensus could not immediately be reached.

Northwestern Mutual emphasized in an email that its own systems were not compromised.

“Although Newport has not confirmed the details of its investigation, Northwestern Mutual took steps out of an abundance of caution to protect potentially impacted individuals through voluntary, proactive notification along with an offer of credit monitoring services and voluntary regulatory filings,” Northwestern Mutual said.

Credit: Sergey Nivens/Adobe Stock

Allison Bell

Think_Allison

NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.