Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

JPMorgan Shares Information on Recent Cyber Attacks

JPMorgan Chase, one of the largest banks in the United States, has confirmed that its systems were breached this summer, but investigators say there’s no evidence that the attackers had gained access to highly sensitive information.

JPMorgan Chase, one of the largest banks in the United States, has confirmed that its systems were breached this summer, but investigators say there’s no evidence that the attackers had gained access to highly sensitive information.

People familiar with the investigation have told The New York Times that the hackers penetrated roughly 90 of the company’s servers between June and late July when the breach was detected. The attackers reportedly gained access to the details of one million customers and information on installed software after obtaining high-level administrative privileges, but an unnamed individual close to the matter said only names, addresses and phone numbers have been compromised.

There appears to be no evidence that social security numbers, financial information, or proprietary software have been obtained.

In an update posted on its website, JPMorgan admitted uncovering a cyberattack, but reassured customers that they are not liable for any unauthorized transactions on their accounts. The company has also noted that is hasn’t seen any unusual fraud activity related to the breach.

The investigation is still ongoing, but initial reports pointed a finger at cybercriminals believed to be from Russia or Eastern Europe. Investigators also believe a foreign government might have played a role in the operation. At least four other financial institutions are said to have been hit in the same attack.

It’s unclear at this point if they are related, but the bank’s Corporate Challenge website was also breached. On August 7, the company detected a cyberattack in which passwords and contact information were compromised, JP Morgan said in a letter sent out to customers. The website for the Corporate Challenge, an annual series of road footraces sponsored by JP Morgan in an effort to promote fitness in the workplace, is operated by a third party.

“It’s noteworthy that what was reported stolen in the JPMorgan Chase breach have been described as ‘blueprints.’ Military strategists understand the value of maps – both for defense and offense. Unfortunately, today’s attackers can establish better maps of sprawling, complex, and changing corporate infrastructure than the defenders often can,” Dr. Mike Lloyd, CTO of RedSeal Networks, said in an emailed statement.

“Every defensive team needs complete and up to date maps of the organization’s equipment, but this is often lacking, due to internal politics, lack of tools, or inability to keep up with the rapid pace of business change. It’s clear that attackers see value in being able to map out how JPMorgan’s infrastructure works. For other organizations, this is a wake up call – if someone already has your blueprints, and you do not, then they will be able to out-maneuver you in a later incident.”

Advertisement. Scroll to continue reading.

Eric Chiu, president and co-founder of cloud control company HyTrust, believes this incident should be a wake-up call for organizations to make security a top priority, especially when it comes to attacks from the inside, which can often cause the greatest damage.

“Although not a lot of information has been released, it looks like the attackers were able to gain privileged administrative access into many of JP Morgan Chase’s servers which gave them access to customer data without being detected for weeks. This is scary given that JPMC is one of the largest banks in the world and houses sensitive information on consumers worldwide,” Chiu told SecurityWeek.

 

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.