Bank of America says leaked data did not come from their systems
Posted on 28 February 2013.
Bank of America has confirmed that some of the data included in the massive leak by Anonymous-affiliated group "Par:AnoIA" does belong to them, but that it didn't come from their owns systems, but those of a third-party contractor.

The 14GB leak contains internal BoA emails that apparently show that they have hired IT consultancy firm TEKsystems to monitor the public online activity of hackers that might or have targeted the bank (Anonymous, TeaMp0isoN, UGNazi and others) and activists that were involved in the Occupy Wall Street movement.

According to Computerworld, BoA hasn't confirmed that particular partnership, but has explained that they were working on a "pilot program for monitoring publicly available information to identify information security threats."

If the Par:AnoIA press release accompanying the leak is to be believed, all the data comes from a unnamed source that lifted it off a "misconfigured server" located in Tel Aviv.

Among the leaked data is also the source code of the OneCalais app, a software developed by Israeli company ClearForest (owned by Thomson Reuters) for the express purpose of harvesting and rifling through huge swaths of unstructured publicly accessible information in search for relevant data.

Also leaked is source code of what appears to be a module of the software made specifically for Bank of America.

Finally, the leak contains archives containing data about hundred of thousands of executives and employees from various corporations around the world, including salary information. The archives were found on the same server, and seem to belong to Bloomberg L.P. media corporation.

But what really bugs the hacker group is that the research done by TEKsystems is "sloppy, random and valueless" and "potentially false", and the fact that BoA and others are contracting other companies to spy and collect information on private citizens - even though they do it by analyzing publicly available information.


101,000 US taxpayers affected by automated attack on IRS app

The IRS has revealed more details about an attack it suffered last month, mounted by unknown individuals with the aim to file fraudulent tax returns and funnel the returned money to their own bank accounts.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th