JP Morgan warns 465,000 customers that data could be exposed after cyber attack

By Sooraj Shah
05 Dec 2013 View Comments
JP Morgan

JP Morgan is warning 465,000 of its prepaid cash card customers that their personal data may have been accessed by hackers who attacked the bank's network in July.

Corporations were issued the cards to pay employees, while government bodies used the cards to issue tax refunds and unemployment compensation in addition to other benefits.

Further reading

In September, JP Morgan's web servers, which are used by its www.ucard.chase.com website, were breached. The bank managed to fix the issue and report it to US law enforcement.

Michael Fusco, a spokesman for the bank, told Reuters that in the months since the cyber attack, the firm has been investigating what data has been taken and which account holders have been affected.

The bank is notifying the cardholders who are affected because personal information may have also been taken from the web servers. Although personal data is usually encrypted, the bank claims that personal data for those customers had temporarily appeared in plain text files, as a way for the system to log activity.

About two per cent of its 25 million UCard users have been affected, and the bank maintains that only a "small amount" of data was taken and that did not involve critical personal information such as social security numbers, birth dates and email addresses. Funds are also understood not to have been retrieved from any of the accounts.

The bank's debit card, credit card and Liquid card holders are not affected by the attack.

The bank is offering the affected UCard holders a year of free credit-monitoring services.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 9 - what do you want?

What would your business require from Windows 9 "Threshold" to make it an attractive proposition?

32 %
4 %
8 %
7 %
49 %