Bank of America uploaded PPP (Paycheck Protection Program) loan applications to a test platform, which may have been visible to third parties.

The breach occurred on April 22, 2020. Business details like an address, tax identification number, and business owner’s information (name, address, Social Security number, phone number, email and citizenship status) are all possible compromised personal identifiable information (PII).

Although Bank of American didn’t disclose the states in which their customers were impacted, they issued each a free two-year membership for Experian identity theft protection.

SpearTip has seen a rise in PPP fraud amidst the coronavirus pandemic. It is important to make sure that your organization’s environment is monitored 24/7/365. And, if your organization is using an MSP, take the time to understand their cybersecurity strengths and weaknesses.

SpearTip can perform a risk assessment to determine what problems exist and fix them before you experience a breach. To learn more about our risk assessment services, visit our detailed description here.

Read the full story here.

For more information on how to protect your environment and to ensure your MSP is also secure, visit or email [email protected] to speak with a cybersecurity professional.

24/7 Breach Response: 833.997.7327