According to The Guardian, the attack on the JP Morgan Chase bank was under way for a month before it was discovered in July, and when it was first disclosed in August, the bank estimated that about one million accounts had been compromised. However, the latest details coming to hand just last Thursday now reveal that the numbers have escalated into one of the most serious breaches of all time.
The enormous scale of the breach was confirmed in a filing with the Securities and Exchange Commission (SEC) in which the company revealed that the attackers stole user information including names, addresses, phone numbers and email addresses as well as “internal JPMorgan Chase information”.
However, the company says there is no indication that account numbers, passwords, user IDs, dates of birth or Social Security numbers were compromised and it has not seen “any unusual customer fraud related to this incident.”
JP Morgan Chase and Co has published an FAQ based on investigations to date, concerned customers can access that notice here: Customer Notice FAQs
Hey Companies, how about protecting our data!
It seems every passing week brings news of yet another company database breach, each inevitably being labeled the “biggest yet”. It’s gotten to the stage where this kind of news is becoming rather ho hum, at least for those of us who are not directly involved. It’s also becoming more and more apparent that these companies are failing to properly protect consumer data.
Criminals are getting smarter and smarter and all companies need to react accordingly, security safeguards that worked yesterday do not necessarily work today. Maybe it’s time to introduce dereliction of duty type legislation with punitive measures for companies who fail to utilize optimum security protocols to properly protect consumer data? I certainly think so.
What do you think?