A cyber attack earlier in the year on JPMorgan Chase was more severe than originally thought. While consumer confidence in corporations' IT security dwindles, experts question whether any institution is truly safe.
JPMorgan Chase conceded Thursday that a hacker attack in the summer had affected 76 million households and 7 million small businesses - a far greater figure than the nation's largest bank disclosed after the breach was first discovered.
Until just weeks ago, executives at the bank had said they believed cyber criminals had only targeted user contact information from one million customers.
Once it became clear that those estimates grossly underestimated the magnitude of the attack, those same executives hurriedly tried to reassure clients that no money had been stolen and that sensitive data, such as passwords or social security numbers, had not been compromised.
"Your money at JPMorgan Chase is safe," the bank said in a statement it sent out to customers, adding that no fraudulent activity had yet been detected in connection with the breach.
The United States Securities and Exchange Commission, which received a regulatory filing from the bank regarding the hack, said the stolen data included names, addresses, phone numbers and email addresses, but not any information on, say, credit cards.
The largest cyber security offense of its kind, the theft of tens of millions of users' data has underscored one of the gravest consequences of putting so much of people's lives onto computers.
The US Federal Bureau of Investigation (FBI) has raised the possibility that Russian hackers could be behind the attack, which may have been retaliation for sanctions against Moscow.
cjc/ng (dpa, Reuters)