JP Morgan data breach, hackers may have stolen 76 million account details

JP Morgan Data Breach hits most Americans were it hurts most

Hackers who breached and hacked the JPMorgan Chase servers this summer may have stolen approximately 76 million accounts details.  The compromised accounts of 76 million are mostly United States households and seven million small businesses operating out of USA.  The new revelation puts a question mark on the previous estimates given by JP Morgan Chase post the hacking and also makes the intrusion more serious than the Target, Home Depot and counts largest ever in the history of United States.

Security filing of JP Morgan Data Breach

JP Morgan Chase disclosed the details of the breach in a securities filing on Thursday only to shatter the consumer confidence in the digital websites in American corporates and households, which is already at a all time low.  The number of breaches starting December 2012 Target breach and counting are leaking credit cards/debit cards/banking information like a major flood.

Americans have suffered most in all the breaches thus far.  It is estimated that information of 40 million cardholders and 70 million others compromised at Target, 56 million compromised through a attack at Home Depot are out in the open for cybercriminals to take advantage of.

One of the main problems is that unlike retailers who have limited digital footprint, JPMorgan Chase is the  largest bank in the United States of America and has its digital influence on perhaps all American households who have a banking account. The financial information stored on the JP Morgan Chase servers holds data beyond customers credit card details and may include very sensitive customer data.

1 million goes to 76 million

Up until a few weeks ago, both the consumers and the top executives at JPMorgan Chase believed that only one million plus accounts were affected but now with this filing the devastation due to intrusion is quite huge. The  intrusion by hackers which began in June but was not discovered until July became more clearer post the investigations by the bank and the law enforcement agencies.

As per the filing and the preliminary investigation the hackers appeared to have obtained a list of the applications and programs that run on JPMorgan’s computers.  The list or the blue print of its web model enabled the hackers to carry out a detailed crosscheck with known vulnerabilities in each program and web application.  This in turn allowed them to find various vulnerable entry points into the banks servers which they compromised.

The investigation also revealed that hackers gained access to the names, addresses, phone numbers and emails of almost all JPMorgan account holders. Though JP Morgan, in its filing said that, there was no evidence that account information, including passwords or social security numbers, had been taken. The bank also stated that there was no evidence of fraud involving the use of customer information, in the filing.

What now for JP Morgan customers?

It is a fact that, until JPMorgan breach happened in July 2014, users especially the online customers viewed banks as a relatively safe medium of transactions and relatively safe from online assaults because of their investment in secure servers, secure gateways,  security defenses and trained security staff.  Though many bank breaches have been reported in the past, most breaches involved stealing personal identification numbers for ATM accounts. The JP Morgan data breach reveals that hackers had a full blue print of the workings of each and every App on its servers.

Even if no customer financial information was taken, the apparent breadth and depth of the JPMorgan attack shows how vulnerable Wall Street institutions are to cybercrime.

Jamie Dimon, JPMorgan’s chairman and chief executive, has acknowledged the growing digital threat. In his annual letter to shareholders, Mr Dimon said, “We’re making good progress on these and other efforts, but cyberattacks are growing every day in strength and velocity across the globe.”

Even though the bank has fortified its defenses against the attacks, Dimon wrote, the battle is “continual and likely never-ending.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here