Big Bank Breach: JPMorgan Among Hacked Financial Institutions

JPMorgan and at least four other banks were hit in a coordinated attack against major financial institutions, Bloomberg reported.

According to US officials who spoke under condition of anonymity, the breach resulted in the theft of a large amount of customer data, which would indicate the possibility of financial fraud. The officials would not confirm, however, whether the stolen information included account numbers, passwords or credit card numbers.

Russian hackers are believed to be behind hacking JPMorgan and at least one of the other banks. The US Federal Bureau of Investigation (FBI) is investigating whether the attacks are in retaliation to US sanctions placed on Russia over the conflict in Ukraine. At this time, authorities have detected no fraudulent activity as a result of the hack, which lends credence to the theory that the attacks may have been politically motivated.

The hacks are believed to have begun in June. The criminals reportedly took advantage of a security flaw in JPMorgan’s website that software developers were unaware of. Two people familiar with the attacks told Bloomberg that the way the criminals navigated through complicated layers of security indicates that these were no ordinary hackers.

The hackers distributed malware that was designed to penetrate JPMorgan’s corporate network. Using “sophisticated tools,” the hackers began siphoning off gigabytes of information. It wasn’t until mid-August that JPMorgan discovered the breach.

JPMorgan refused to confirm or deny any attacks. Company spokesperson Patricia Wexler wrote in an email that companies of the bank’s size “unfortunately experience cyberattacks nearly every day.”


Related reading