JPMorgan Hacked & Leaked Over 83 Million Customer Records

The New Acunetix V12 Engine


So yah last week we all discovered, OMG JPMorgan Hacked! This set a lot of people on edge as JPMorgan Chase & Co is the largest US bank by assets – so it’s pretty seriously business. The breach happened back in July and was only disclosed last Thursday due to a filing to the US Securities and Exchange Commission.

JPMorgan Hacked

This is a HUGE breach (76 million households and 7 million small businesses), one of the biggest in history – especially when it comes to the banking sector. Fortunately no really ‘critical’ data was leaked such as credit card details or social security numbers, but there was important information like addresses and phone numbers which at this volume are definitely valuable on the black market.

The July cyberattack on JPMorgan Chase & Co. that compromised the names, addresses, phone numbers and contact information of over 83 million people are believed to have originated in Russia with at least some level of state approval.

“It could be in retaliation for the sanctions” placed on Russia, one senior official briefed on the intelligence told The New York Times on Saturday. “But it could be mixed motives — to steal if they can, or to sell whatever information they could glean.”

JPMorgan Chase has worked with the Treasury, the Secret Service and intelligence agencies since the attack, which did not completely shut out the attackers until August, the paper reported. More than 90 servers were accessed and over 7 million small businesses were compromised.


There’s a lot of speculation that the hackers that pulled of this rather sophisitacted attack are Russian and somehow linked to Putin (although I’m not sure how they figured that out). The news also broke today that it was not only JPMorgan Chase & Co that was infiltrated – but they were just 1 of 9 financial institutions breached as part of this attack.

This includes banks and brokerages, more here: JPMorgan CYBER-HEIST: 9 US financial firms snared by ‘Russian hackers’, says report

“It was a huge surprise that they were able to compromise a huge bank like JPMorgan,” said Al Pascual, a security analyst with Javelin Strategy and Research, told the Times. “It scared the pants off many people.”

Experts fears that similar attacks in the future could ignite a financial crisis. JPMorgan Chase may be particularly vulnerable: The Times noted that the hackers were able to steal “a list of every application and program deployed on standard JPMorgan computers that hackers can crosscheck with known, or new, vulnerabilities in each system in a search for a backdoor entry.”

JPMorgan Chase has responded to the hacking by disabling compromised accounts and resetting passwords for its employees. The company also notified customers that they would not need to change their passwords or account information, nor would they be held liable for unauthorized transactions, The Associated Press reported Thursday.

It’s interesting that the hackers didn’t seem to go after the money, they really just wanted as much data as possible on JPMorgan customers.

It’ll be interesting to see if any of the other currently unnamed financial institutions are released to the press or if any of them suffered monetary losses – or they were all similar data grab scenarios.

Source: The Washington Times

Posted in: Privacy, Web Hacking

, ,


Latest Posts:


NetBScanner - NetBIOS Network Scanner NetBScanner – NetBIOS Network Scanner
NetBScanner is a NetBIOS network scanner tool that scans all computers in the IP addresses range you choose, using the NetBIOS protocol.
Metta - Information Security Adversarial Simulation Tool Metta – Information Security Adversarial Simulation Tool
Metta is an information security preparedness tool in Python to help with adversarial simulation and assess security defense preparation and alerts.
Powershell-RAT - Gmail Exfiltration RAT Powershell-RAT – Gmail Exfiltration RAT
Powershell-RAT is a Python-based Gmail exfiltration RAT that can be used a Windows backdoor to send screenshots or other data as an e-mail attachment.
SCADA Hacking - Industrial Systems Woefully Insecure SCADA Hacking – Industrial Systems Woefully Insecure
It seems like SCADA hacking is still a topic in hacker conferences, and it should be with SCADA systems still driving power stations, manufacturing plants etc.
airgeddon - Wireless Security Auditing Script airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list.
Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.


Comments are closed.