The LockBit ransomware group may have data on 81,000 executives with nonqualified deferred compensation plans from Bank of America or Northwestern Mutual.
The companies notified the California and Maine attorneys general offices of LockBit worries in in reports filed earlier this month.
Newport Group uses Infosys McCamish systems to run the Bank of America and Northwestern Mutual NQDC plan programs. The LockBit group hit the Infosys McCamish systems on Oct. 29.
The systems held information about 57,028 participants in Bank of America NQDC plans and 24,518 participants in Northwestern Mutual plans.
What it means: Last summer, many clients received breach notices tied to the MOVEit file transfer system. Now, some will get breach notices from their NQDC plan providers.
LockBit: Investigators noticed LockBit in 2019. The group is known for its simple user interface, paying field hackers before the central organization, and taking victims' data before encrypting the files and charging ransom to decrypt the files, according to the U.S. Treasury Department.
The Department of Justice announced Tuesday that the FBI, the U.K. National Crime Agency and other law enforcement agencies had disrupted the LockBit group by seizing many of its websites.
The attack: In November, the LockBit group announced on X, the service previously known as Twitter, that it had taken 50 gigabytes of Infosys McCamish data.
Bank of America and Northwestern Mutual are just two of the Infosys McCamish users affected. The companies emphasized that their own systems were not compromised.