JPMorgan Chase Confirms Cyber-Attack
Says Bank's 'Technology Environment Compromised'JPMorgan Chase & Co. has confirmed that it recently suffered a cyber-attack that compromised its systems, although it's not sharing many details about the incident.
See Also: Forrester Top 35 Global Breaches Report: Balance Defense with Defensibility
"We uncovered an attack by an outside adversary recently where the firm's technology environment was compromised," Kristin Lemkau, a JPMorgan Chase spokesperson, told the New York Times. "We are confident we have closed any known access points and prevented any future access in the same way."
Lemkau also stated that JPMorgan Chase had "not seen any unusual fraud activity" since the break-in was discovered. Additionally, there is "no evidence that they have taken any proprietary software," she says.
The cyber-attack is acknowledged in a brief statement on JPMorgan Chase's website. The bank declined to offer further comment to Information Security Media Group.
The Times reports that sources close to the investigation confirmed that hackers had access to dozens of JPMorgan's servers over a period of two months, and that they were able to review information about 1 million customer accounts and gain access to a list of the software applications installed on the bank's computers.
Another individual familiar with the investigation said hackers had not gained access to accountholders' financial information or Social Security numbers, and may have only viewed names, addresses and phone numbers, the report says.
The breach allegedly began in June and was not detected until late July, according to the report.
News of the breach first came to light on Aug. 27, when Bloomberg reported that Russian hackers had attacked Chase and at least one other U.S. banking institution (see: Chase Breach Investigation: Any Answers?).
Al Pascual, a fraud analyst at Javelin Strategy & Research, says cyber-espionage appears to be the motivation for the attack because the intruders didn't exfiltrate much customer data. He suggests that the JPMorgan Chase incident is similar to the NASDAQ hack, during which systems were surveyed but no visible signs of damage, manipulation or theft were detected. "Considering the role of U.S. mega-banks within the financial system, a successful attack against any of them could have a deleterious effect on the stability of U.S. markets, which makes cyber-espionage the likely motivator here," he says.
Eric Chiu, president and co-founder of information security company HyTrust, notes: "Although not a lot of information has been released, it looks like the attackers were able to gain privileged administrative access into many of JP Morgan Chase's servers, which gave them access to customer data without being detected for weeks. This is scary given that JPMC is one of the largest banks in the world and houses sensitive information on consumers worldwide. The breach at JPMC should be a wake up call for every organization to make security a top priority."