Bank of America Responds to Breach. Bank of America blames a suspected breach of credit card data on an unidentified third party. What happened, and what can other institutions do to better protect. Bank of America last week blamed a suspected breach of credit card data on an unidentified third party, which the bank later revealed to be a merchant. The incident illustrates security risks institutions increasingly face, whether because of a merchant breach or relying too heavily on partners and suppliers. BofA has sent letters to select customers, notifying them of a possible compromise that likely exposed details about their credit card accounts. Though the bank’s spokesperson would not reveal how many of accountholders were affected, she did say the institution is taking necessary steps to address known security gaps.