Bank Data Breach Could Impact 12.5 million Customers

The Bank of New York Mellon reported late last week that an earlier reported data breach could be much larger than expected, though there is still no indication that the data lost on tapes has been misused.

The bank reported in May back-up data storage tapes from BNY Mellon shareowner services had been lost and notified about 4.5 million individuals whose personal information may have been on the tapes. Last week, the bank said that further internal investigation revealed that the number of affected individuals could be as high as 12.5 million.

“We are actively engaged in a top-to-bottom review of our security policies and procedures and we are taking the steps necessary to ensure we have industry-leading security measures in place across all of our businesses,” said Brian Rogan, the bank’s chief risk officer, in a prepared statement.

The bank is providing all affected customers with two years of free credit monitoring through Experian, $25,000 of identity theft insurance through Virginia Surety Co., reimbursement for the cost of one placement and one removal of a credit freeze for each of the three national credit reporting bureaus, and will maintain dedicated toll-free numbers and add additional call center agents to respond to any consumer questions and concerns.

Bank executives said they’ve taken steps since the breach was discovered to enhance security. These include an independent review of the bank’s policies, procedures and controls, as well as implementing a program requiring that, “when technically feasible,” confidential data be transferred within the company via direct encrypted electronic transmission in order to minimize the need for data storage tapes and their transport.

The bank said it has also instituted stringent new standards for the transport of confidential data and is initiating a company-wide awareness and training program on data security for all employees.

For consumers who may have been affected by the breach, the bank has established a dedicated website to provide additional information, www.bnymellon.com/tapequery.