Two-factor authentication is important. We always recommend you have it enabled, and there are options for most of the products you use online; services such as Facebook, Gmail, Twitter and more all offer it, and allow you to log-in with not only a password, but a special generated code. Unfortunately for JPMorgan, the lack of two-factor authentication on one server is to blame for a recent cyber attack.
Ultimately, the cyber attack helped hackers gain access to more than 83 million households (original figures pinned that at 76 million households), but it could have been prevented. According to The New York Times, the attackers were able to grab a JPMorgan employee’s login and found a single server that didn’t require a two-factor login. While the firm uses it on most servers, this was the opening that the hackers needed.
Thankfully, JPMorgan told The New York Times that it has “seen no evidence of fraud as a result of this,” but it seems like a pretty basic security measure that was overlooked. It was only discovered during an internal investigation known as “Rio,” the news outlet said.
While we should all expect that our data is protected by the banks and other large corporations we trust our business to, sometimes attacks can occur due to small oversights, as was the case in the JPMorgan attack. To protect yourself in your daily business online, be sure to enable two-factor authentication anywhere you can. This is just a reminder for how easy it can be for someone to gain access to your data if you don’t.