The massive cyberattack on JPMorgan Chase Bank will impact more than 83 million households and businesses—and hold wide-reaching implications for your individual and commercial customers.
The attack, disclosed in a security filing on Oct. 2 according to , was lead by a group of overseas hackers who gained access to the network through high administration privileges, reaching more than 90 servers and securing account holder names, addresses, phone numbers and email addresses.
The breach comes at a time when persistent cyber attacks on financial institutions and retailers in the United States raise questions about the digital security of corporate America. In the past year, major retailers such as Target and Home Depot experienced significant data breaches.
Consumers should assume their personal information has been stolen and:
• Beware of spam emails, phone calls and text messages that try to solicit information.
• Never give out personal information by phone, email or text. Banks won’t ask for credit card digits, Social Security numbers and other sensitive data by email or text.
• Check credit and debit accounts regularly. This is the fastest way to determine if someone has stolen bank credentials and begun to make unauthorized purchases.
• Report suspicious activity immediately to improve your chances of regaining funds and avoid liability.
• Accept free offers of credit and identity monitoring. Though JPMorgan said it isn’t necessary, it won’t hurt if you have access to free services through your providers.
Businesses should take immediate action and:
• Communicate protection tips to customers.
• Train employees on how to recognize and report the signs of a security incident. Employees can either be a point of exposure or defense, and training often determines the difference.
• Manage vendor security risk. Perform your own or require third-party vendor security assessments for suppliers with access to your customer and business data.
• Be prepared. Have a breach response plan in place. When game day comes, and it will, you don’t want to be practicing, or worse, have to start creating, your playbook.
Visit for additional identity and data risk management tips and information.