JP Morgan Chase Cyber Security Alert: Hackers Got Email Addresses, Not Financial Info

CNN’s Alison Kosik looks into what type of customer information was gathered by the hack on JP Morgan.

Contact information (name, address, phone number and email addresses) was compromised in a recent hack of about 80 million Chase customers — that’s two out of every three households in the United States.

No financial account-related information, such as account numbers, social security numbers or passwords are believed to have been comprised; however the compromised contact information opens the possibility of phishing attempts in fraudulent telephone calls and emails.

Clever criminals could dupe customers into revealing valuable information by causing accidental logging in to a realistic looking, but fraudulent Chase page. Consumers should never follow links from emails. Consumers should always manually type a URL address to get to their financial institution.

Consumers should consider approaching each of the three credit bureaus — Equifax, Experian and TransUnion to request a security freeze, which may involve a small fee. The freeze can be tedious because it has to be “thawed,” or lifted, when a consumer applies for a new credit card or for a mortgage. Consumers may need to use PINs and other information to activate a thaw, but the extra effort may be easier than trying to undo the mess created by a thief.

Meanwhile, consumers should regularly monitor all of accounts; read every transaction on credit statements every month; and check each of three credit reports regularly, which are available free of charge at least once a year through AnnualCreditReport.com.

+ + + + +

Important Update on Cyber Security from Chase
We want to update you further on the cyber attack against our company. After extensive review, here is what our forensic investigation has found to date.

Here’s what you should know now:

There is no evidence that your account numbers, passwords, user IDs, date of birth or Social Security number were compromised during this attack.

However, your contact information – name, address, phone number and email address – was compromised.

Your money at JPMorgan Chase is safe:

Unlike recent attacks on retailers, we have seen no unusual fraud activity related to this incident.

Importantly, you are not liable for any unauthorized transaction on your account that you promptly alert us to.
We are very sorry that this happened and for any uncertainty this may cause you. We don’t believe that you need to change your password or account information. Click here for answers to questions you might have. As always, we recommend you use care with your accounts and information, as we describe in our Security Center (Link to Security Center).

We’re here to help
Attacks like these are frustrating. There are always lessons to be learned, and we will learn from this one and use that knowledge to make our defenses even stronger.

+ + + + +

Additional security precautions and information …

Don’t trust any phone calls, emails, or letters claiming to be from the bank. Only contact the bank by calling the number on your bank card or a previous statement. They may have investigated your Facebook, Twitter, or LinkedIn accounts to gain information that gives them relevant information that could aid them in successfully phishing for additional information.

Phishing methods will attempt to obtain your birthdate, Social Security Number, and bank account number.

See also …
Chase Security Center — www.chase.com/resources/privacy-security


Get updates from The Cardinal ALL NEWS FEEDS on Facebook. Just ‘LIKE’ the ‘Arlington Cardinal Page (become a fan of our page). The updates cover all posts and sub-category posts from The Cardinal — Arlingtoncardinal.com. You can also limit feeds to specific categories. See all of The Cardinal Facebook fan pages at Arlingtoncardinal.com/about/facebook …