Some Bank of America customers in upstate New York got a new credit card in the mail recently, but not all were sure why. The bank sent replacement debit cards and credit cards to customers who may have had their financial information compromised by a third party.
A television station in Rochester, N.Y., reported some customers were not aware of any problems with their credit or debit card accounts until they received a letter from Bank of America telling them their old accounts would be deactivated in seven days, and to activate their new cards.
Both American Banker and the Rochester ABC affiliate, 13 WHAM, reported the breach is possibly connected to a problem at Rochester Gas and Electric. The utility company had notified customers that an employee at a contracted software development consulting firm had allowed unauthorized access to some of its customer data. In the RGE statement regarding the incident the company said there was no evidence that any of the data had been misused at that point. The data that was possibly accessed included Social Security numbers, dates of birth and some financial institution account numbers.
Bank of America reissued cards, but did not reveal which merchant was responsible for the breach, American Banker reports. The company simply said it was standard policy to reissue cards if customer's cards are thought to be at risk.
"Our fraud monitoring is based on information that we receive from card associations like Visa and MasterCard," Bank of America spokeswoman Betty Riess told American Banker. "If we think a customer's card information may have been compromised at a third party location, we take these proactive measures."
Bank of America told 13 WHAM its customers were also protected by the bank's zero liability fraud protection program, and some cards were reissued as a precautionary measure only.