A cyberattack this summer against the nation’s largest bank by assets, JPMorgan Chase, compromised customer data for about 76 million households and 7 million small businesses, the bank said Thursday.
These new numbers are much higher than previously thought, and makes JPMorgan Chase the biggest corporate hack that’s been discovered and revealed. It dwarfs highly-publicized hacks against Target, Home Depot and other companies.
Chase had previously reported that roughly one million customer accounts were accessed.
The new details of the hack attack — which began in June but was not uncovered until July — were posted by Chase on its website for banking customers.
Here are the major points that Chase says its customers should know:
• “There is no evidence that your account numbers, passwords, user IDs, date of birth or Social Security number were compromised during this attack.”
• “However, your contact information – name, address, phone number and email address – was compromised.”
Chase adds that “unlike recent attacks on retailers, we have seen no unusual fraud activity related to this incident.”The bank also reminds customers that they are not liable for any unauthorized transaction on their account but you would need to “promptly alert us,” Chase said.
“We are very sorry that this happened and for any uncertainty this may cause you,” Chase says in its website statement. “We don’t believe that you need to change your password or account information.”
Chase offers this FAQ page on the data breach.