Read time: 2 minutes

JP Morgan Chase Hack Shows Bank Data Isn't All That Secure, After All

Banks--as opposed to recent hacking targets Home Depot and Target--are supposed to be heavily fortified. Not so much!
JP Morgan Chase Hack Shows Bank Data Isn't All That Secure, After All
Image from: smohundro

Oddly enough, my IT guy was just lecturing me about this yesterday, when I picked up a laptop that had been slowed to a crawl via assorted malware and viruses. He said the single biggest thing you can do to maintain your computer's security is to update Java, Flash, and Adobe as soon as they release the updates. Too bad JPMorgan Chase is too busy buying off regulators to do this simple thing!

An enormous privacy breach has compromised the bank accounts of 83 millionJPMorgan Chase customers, including 76 million households, spilling out customer names, addresses, phone numbers, and email addresses.

According to the New York Times, the disclosure was revealed in a securities filing on Thursday, although the attack was originally discovered in July. At first, the bankbelieved that about a million accounts were compromised, but security administrators slowly came to realize that the situation was much more grave. In a statement mailed out to customers, JPMorgan Chase writes that there is "no evidence that your account numbers, passwords, user IDs, date of birth or Social Security number were compromised during this attack."

"Unlike recent attacks on retailers, we have seen no unusual fraud activity related to this incident," the statement continues. "Your money at JPMorgan Chase is safe."

THE FACT THAT JPMORGAN CHASE COULD BE BREACHED SHOULD SEND A SHIVER OF FEAR THROUGH EVERY ORGANIZATION ON THE PLANET.

It appears that the attackers--who were operating from overseas--obtained a list of the software applicationsJPMorgan uses on its computers. Then, hackers sifted through each piece of software for known security vulnerabilities, and slowly began exploiting them in June.

What makes the attack so harrowing is that banks--as opposed to recent hacking targets Home Depot andTarget--are supposed to be heavily fortified. Finance should be one of our most guarded industries, for obvious reasons. If a megabank like JP Morgan Chase is this vulnerable? That's bad news for everyone.

"The fact that JPMorgan Chase could be breached should send a shiver of fear through every organization on the planet," Steve Hultquist, chief evangelist at RedSeal Networks, said in an email sent to Fast Company. "They are well aware of both the defenses necessary and the importance of protecting against concerted, automated attacks."


Comments

We welcome relevant, respectful comments. Any comments that are sexist or in any other way deemed hateful by our staff will be deleted and constitute grounds for a ban from posting on the site. Please refer to our Terms of Service (revised 3/17/2016) for information on our posting policy.