JPMorgan Chase & Co. (NYSE:JPM) is warning some 465,000 customers that their personal information may have been accessed by hackers in July.
The breach could affect pre-paid card holders issued for corporations to pay employees and for government agencies to issue tax refunds, unemployment compensation and other benefits.
Hackers viewed small file on JPMorgan servers
The bank doesn’t know what was in the file, but bank officials believe it was too small to include critical personal information such as social security, card, phone or account numbers, addresses, names or dates of birth for individual card holders. The bank also can’t rule out the possibility that such information was compromised.
Cyber attacks, in an increasingly connected and digital world, could be a source of chaos for banks. Hackers have successfully laid low the systems of some of the biggest U.S. corporations in the recent past. These include Citigroup Inc, JPMorgan Chase & Co. (NYSE:JPM) and Morgan Stanley. Akin to ‘global pandemics’, Dean Curnutt, CEO of Macro Risk Advisors point out that the risk from cyber attacks is known but their scope is neither quantified, nor priced into the markets.
Web servers breached
The largest U.S. bank said on Wednesday it had detected that the web servers used by its site www.ucard.chase.com had been breached in the middle of September. The bank then fixed the issue and reported it to law enforcement.
JPMorgan Chase & Co. (NYSE:JPM)’s spokesman Michael Fusco said that since the breach was discovered, the bank has been trying to find out exactly which accounts were involved and what information may have been compromised. However, he declined to discuss how the attackers breached the bank’s network.
The card holders represent about 2% of the bank’s about 25 million UCard users.
It may be recalled that earlier this year a global network of hackers used sophisticated methods to steal an astonishing $45 million in mere hours. The hackers got access to bank databases and removed the limits on pre-paid debit cards. The prosecutors disclosed that the case includes cyber attacks on two banks in the Middle East.