JP Morgan Security Hack: Protect Yourself

By Patricia Uceda, Fall 2014 Graudate Research Assistant

National Cyber Security Awareness MonthThis summer J.P. Morgan Chase was hacked in one of the biggest known breaches of corporate computer security. J.P. Morgan estimated that the cyber breach affected about 76 million households, more than the 40 million card numbers stolen from Target last year.

The unknown intruders stole customer contact information including names, email addresses, phone numbers, and addresses. However, reportedly the hackers were unable to gather account information such as account numbers or passwords. The breach is still undergoing investigation by the bank and law enforcement, although they believe it may have originated in Russia.

safeInvestigators believe the breach was caused by malware that was implanted on an employee’s personal computer and then used to intrude further into the bank’s inner systems. J.P. Morgan has reset passwords for every employee and has disabled any accounts that may have been compromised. Customers have been told to notify the bank of any suspicious activity or unauthorized transactions on their accounts.

Privacy exerts state that the biggest risk is that posed by this breach is that the thieves will try to extract more sensitive information from the affected consumers through use of sophisticated emails targeting consumers and attempting to trick them into providing more information such as Social Security numbers or usernames and passwords to accounts.

If you have been affected by this security breach, here are a few steps you can take to protect yourself:

  • Closely monitor your account for any suspicious activity or unauthorized transactions.
  • Check each of your three credit reports regularly, which you can do for free at AnnualCreditReport.com.
  • Be very conscious of e-mails you receive going forward that may be trying to trick you into disclosing personal information. While it may look like a legitimate financial services company or retailer requesting personal information, always contact the company who supposedly sent it and verify.
  • Consider a security freeze, which will prevent someone from trying to open a new account in your name. It does this by prohibiting credit bureaus from releasing your credit reports to any entity that doesn’t already have a relationship with you.