Finastra, BofA, JPMorgan Face Class Action: Are Your Financial Records Safe From Cyberattacks?

Finastra, BofA, JPMorgan Face Class Action: Are Your Financial Records Safe From Cyberattacks?

In today’s digital age, the safety of your financial records is paramount. Recent events, such as the class action lawsuit against Finastra, Bank of America (BofA), and JPMorgan Chase, highlight the increasing threats of cyberattacks and data breaches. According to a report by SecurityWeek, British fintech giant Finastra started sending written notifications to individuals who had their personal information stolen in a data breach. This raises a critical question: Are your financial records truly safe?

Understanding the Finastra Data Breach

Finastra, a global fintech company providing software services to financial institutions worldwide, experienced a significant data breach. The unauthorized access occurred between October 31, 2024, and November 8, 2024, when a third party gained access to Finastra’s Secure File Transfer Platform (SFTP). This platform was used for customer and technical support, potentially exposing sensitive personal information.

What Information Was Exposed?

The compromised files contained a trove of unencrypted customer data, including:

  • Names
  • Social Security numbers
  • Dates of birth
  • Bank account numbers

According to a data breach notice filed with the Attorney General of Maine, the unauthorized party obtained files containing personal information. This exposure puts individuals at risk of identity theft and financial harm.

Finastra’s Response

Upon discovering the breach on November 7, 2024, Finastra initiated an investigation with the help of cybersecurity firms and notified law enforcement. The company also implemented an alternative secure file-sharing platform to ensure continuity. Finastra is offering affected individuals two years of free credit monitoring and identity protection services through Experian IdentityWorks.

Bank of America and JPMorgan Chase: Similar Threats

Finastra isn’t the only financial institution facing cybersecurity challenges. Bank of America and JPMorgan Chase have also been targets of data breaches, raising concerns about the security of customer data across the financial sector.

Bank of America Data Breaches

Bank of America has experienced multiple data breaches, including incidents involving third-party vendors. For example, in January 2025, Bank of America reported a data breach affecting one of its third-party providers. According to a sample letter provided to the Massachusetts Attorney General, the provider discovered unauthorized access to its systems on October 1, 2024, potentially compromising mortgage information belonging to Bank of America customers.

In another incident, a document destruction vendor improperly handled confidential documents, potentially affecting millions of customers. Bank of America has confirmed that at least two customers in Massachusetts were directly impacted.

JPMorgan Chase Data Breaches

JPMorgan Chase has also faced significant cybersecurity incidents. In 2014, a cyberattack affected over 83 million accounts. More recently, in 2024, a software glitch compromised sensitive information of nearly 500,000 retirement plan members. The exposed information included names, addresses, Social Security numbers, and bank routing and account numbers.

A new class action lawsuit has been filed against J.P. Morgan Chase & Co. over a recently disclosed 2021 data breach that impacted more than 451,000 people whose current or former employers had retirement accounts administered by J.P. Morgan Chase.

The Class Action Lawsuit: Seeking Accountability

The class action lawsuit against Finastra, BofA, and JPMorgan Chase aims to hold these institutions accountable for failing to safeguard sensitive personal data. The lawsuit alleges negligence and inadequate cybersecurity procedures, putting customers at risk of identity theft and financial harm.

Filed in federal court in Orlando, Florida, the complaint paints a picture of corporate negligence. T.H., a customer of both BofA and Chase, claims her personal information was snatched from Finastra’s file transfer system and exploited in fraudulent transactions tied to her bank accounts.

What Can You Do to Protect Your Financial Records?

While financial institutions work to improve their cybersecurity measures, there are steps you can take to protect your financial records:

  1. Monitor Your Accounts Regularly: Keep a close eye on your bank accounts, credit cards, and other financial accounts for any unauthorized activity.
  2. Change Passwords: Use strong, unique passwords for your online accounts and change them regularly.
  3. Be Wary of Phishing Scams: Be cautious of suspicious emails, text messages, or phone calls asking for personal information.
  4. Use Multi-Factor Authentication: Enable multi-factor authentication (MFA) whenever possible to add an extra layer of security to your accounts.
  5. Review Your Credit Report: Check your credit report regularly for any signs of identity theft or fraudulent activity.
  6. Consider Credit Monitoring Services: Enroll in credit monitoring services to receive alerts about changes to your credit report.
  7. Keep Software Updated: Ensure your computer and mobile devices have the latest security updates and antivirus software.
  8. Be Careful on Public Wi-Fi: Avoid accessing sensitive financial information on public Wi-Fi networks, as they may not be secure.
  9. Shred Documents: Shred any documents containing sensitive personal or financial information before discarding them.
  10. Notify affected organizations: If your data was stolen from a service provider (e.g., bank, healthcare provider), contact them for advice and to ensure they are taking action.

Legal Options and Compensation

If your personal information has been compromised in a data breach, you may be entitled to compensation. A class action lawsuit could provide consumers with money for any harm resulting from the breach. This may include compensation for:

  • Loss of privacy
  • Time spent dealing with the breach
  • Out-of-pocket costs
  • Identity theft or fraud

The Importance of Cybersecurity

The recent data breaches and class action lawsuit underscore the importance of cybersecurity in the financial sector. Financial institutions must invest in robust security measures to protect customer data from increasingly sophisticated cyber threats. This includes:

  • Implementing advanced encryption protocols
  • Regularly updating software and security systems
  • Conducting thorough risk assessments
  • Training employees on cybersecurity best practices
  • Securing third-party vendor access

Have Your Financial Records Been Compromised?

If you suspect your financial records have been compromised due to a data breach, it is crucial to take immediate action. Contact our firm for a consultation to discuss your legal options and potential remedies. We can help you understand your rights and navigate the complex legal landscape.