JPMorgan recently revealed that, during the massive July cyberattack that hit the firm, hackers gained information on more than 76 million households and 7 million small businesses. The news was revealed in a form 8-K document that JPMorgan filed with the Securities and Exchange Commission (SEC) this week in regards to the earlier attack.
JPMorgan said that names, addresses, phone numbers and e-mail addresses were exposed during the attack, in addition to “internal JPMorgan information relating to such users.” The bank said that account numbers, passwords, social security numbers and birth dates don’t appear to have been compromised, however, and JPMorgan hasn’t yet noticed any unusual activity related to the accounts that were affected. JPMorgan says that any customer affected by the breach that notices irregular activity should notify the bank, and that these customers will not be liable for those bogus charges.
The New York Times said the breach likely occurred from overseas and that the hackers likely used holes in vulnerable applications running on JPMorgan computers to enter its systems.