JPMorgan warns 465,000 card users on data loss after cyber attack

  • 5 December 2013
  • 6 replies
  • 6 views

Userlevel 7
Badge +54
JPMorgan Chase & Co is warning some 465,000 holders of prepaid cash cards issued by the bank that their personal information may have been accessed by hackers who attacked its network in July.
The cards were issued for corporations to pay employees and for government agencies to issue tax refunds, unemployment compensation and other benefits.
JPMorgan said on Wednesday it detected that its web servers used by its site www.ucard.chase.com had been breached in the middle of September. It then fixed the issue and reported it to law enforcement.
Bank spokesman Michael Fusco said that in the months since the breach was discovered the bank has been investigating to find out exactly which accounts were involved and what pieces of information could have been taken. He declined to discuss how the attackers breached the bank's network.
Fusco said the bank is notifying the cardholders, who account for about 2 percent of its roughly 25 million UCard users, about the breach because it cannot rule out the possibility that their personal information was among the data removed from its servers.
 
Full Topic

6 replies

Userlevel 7
The following article is a update on JP Mogan Hackers Attack
(Russian Hackers Attacked JPMorgan: Reports)
 
By AFP on August 27, 2014 JPMorgan Chase and a second US bank earlier this month, sparking a federal investigation, US media reported Wednesday. Bloomberg said two people familiar with the probe confirmed that the Federal Bureau of Investigation was examining the case to see if it is retaliation for US sanctions against Moscow over its support of Ukraine's secessionist rebels.
Bloomberg and The Wall Street Journal, which also reported the hacking case but without naming Russians as behind it, said it was not clear what damage the hackers caused or what data they may have stolen.
Bloomberg said the hackers showed a high level of skill to get through layers of security in the bank's systems, "a feat several security experts said appeared far beyond the capability of ordinary criminal hackers."
It said investigators, who also include the National Security Agency, are also studying whether the attack may have come from criminals in Russia or eastern Europe.
They are also examining whether the online break-in is related to similar incidents involving European banks. The FBI declined to comment.
 
SecurityWeek/ full article here/ http://www.securityweek.com/russian-hackers-attacked-jpmorgan-reports
Userlevel 7
The following article is a update on JPorgan cyber attack

(JPMorgan: Info on 76 Million Households Hit in Data Breach)

By AFP on October 02, 2014
 
NEW YORK - JPMorgan Chase said Thursday that information such as names and addresses for 76 million household customers and seven million businesses was compromised in a data breach this summer.
But the largest US bank said there was no evidence that critical account information such as account numbers, user identities or social security numbers were stolen by the hackers.
The bank "continues not to have seen any unusual customer fraud related to this incident," JPMorgan said in a securities filing. "JPMorgan Chase customers are not liable for unauthorized transactions on their account that they promptly alert the firm to," the bank said.
JPMorgan said in August that it was cooperating with law-enforcement officials following reports that hackers believed to be from Russia broke into the bank's computer systems. News reports at the time said other banks besides JPMorgan were targeted in the attack.
 
SecurityWeek/ full article/ http://www.securityweek.com/jpmorgan-info-76-million-households-hit-data-breach
Userlevel 7
The following article is a update on JPMogan cyber attack.

(JPMorgan CYBER-HEIST: 9 US financial firms snared by 'Russian hackers', says report)

By Kelly Fiveash, 5 Oct 2014
 

'Culprits have loose links to Putin's government': NYT

 
Russian hackers with "loose connections" to Vladimir Putin's government were reportedly behind the massive JPMorgan cyber-heist understood to have hit 83 million households and businesses in the US.
According to the New York Times, nine other Stateside financial institutions were also targeted by wrongdoers involved in the huge data breach.
 The identities of those banks and brokerage outfits was not disclosed, however.
The newspaper, citing people briefed on the matter, reported late on Friday that the hackers were believed to be operating from Russia and appeared to have vague links to officials in Putin's administration.
US spooks and policy-makers based in Washington are said to be deeply concerned by the attacks, even though they have publicly kept their cool about the successful hacks, the NYT added.
 
The Register/ Article/ http://www.theregister.co.uk/2014/10/05/report_says_russians_behind_jpmorgan_chase_cyber_attack/
Userlevel 7
Badge +13
I would certainly hope JP Morrgan/Chase notify people by snail mail,because cyber criminals are already filling peoples inboxes with phishing emails with malicious links and attachments.I received an email in my comcast online inbox the other day purporting to be from JP Morgan/Chase.I knew better than to open it and chucked it in the trash.I had those accounts closed many years ago.Sadly,some will fall for the trickery.My wife fell for one of those links some years ago and got nailed by a ZeroAccess infection.I was able to clean it up rather easily at the time.Banks owe it to their customers to spare no expense in safeguarding their systems.As i have said before,i would hope these breaches would drive consumers to have fewer open accounts,and to use cash whenever and wherever possible.I'm not sure what a customers legal recourse is in many countries,but i would have no issue whatsover with suing for damages.A customers good credit and reputation is PRICELESS.
Userlevel 7
I spoke to branch manager from Chase on this issue. The manager stated do not respond to any links via email or even phone calls, go down to the branch directly and have your questions answered, this is the only safe way. 
Userlevel 7
Badge +13
I have always believed it's best to handle matters in person and NEVER/EVER through an email or in repsonse to a phone call.One should call their bank DIRECTLY,log into their count DIRECTLY,and if the bank has a notice for you(at least with my bank Wells Fargo)it will be in an inbox there,and if one is fortunate to live near a bank branch,then by all means please do all your business there.Customers can avoid so much hassle with a little common sense.Unfortunately,the aged and the poor too often are victimized.It's not easy to fix damage done.I definitely think banks should be doing a better job at educating their customers.Snail mail with  insanely small print is not the way to do it. 

Reply