Bank of America security incident affects PPP applicants
Bank of America has revealed a security incident in which certain data belonging to paycheck protection program (PPP) applicants was exposed to SBA-authorized lenders and their vendors.
The bank worked with the US Treasury and the Small Business Administration to process more than 305,000 PPP loan applications under a program designed to provide relief for small businesses. On April 22, customer loan applications were uploaded to a “limited and controlled access” test request platform, Bank of America said in a report. letter to those affected.
While testing was underway, the bank learned that the app’s data may have been visible for a limited period of time by a limited number of other SBA-authorized lenders and vendors. There is no indication that customer data was accessed or misused by anyone who might have seen it, officials said, and the information was not visible to other PPP loan applicants or the public.
Data that may have been exposed includes the business address and tax identification number, as well as other business information of the applicant. It may also have exposed information belonging to the primary owner, such as name, address, social security number, phone number, email address, and citizenship.
Bank of America notes that this does not affect the submission of PPP loan applications to the SBA.
Read more details here.