Today, JPMorgan Chase Bank announced that 76 million household accounts, along with 7 million business accounts, were compromised in a recent cyberattack. This attack ranks among the largest corporate hacking attacks ever disclosed. Details indicate the hack occurred during June and July this summer.
3 things to know now
- While this attack is substantially larger than credit card breaches at Target and Home Depot, the company said that to date it has not yet "seen any unusual customer fraud related to this incident."
- According to sources, the breach affects everyone who visited the company’s websites, including Chase.com, or used its mobile app during June and July.
- The bank says customer names, addresses, phone numbers and e-mail addresses were taken. However, the company added that "there is no evidence that account information for such affected customers - account numbers, passwords, user IDs, dates of birth or Social Security numbers - was compromised during this attack."
JPMorgan Chase does say customers are not liable for unauthorized transactions on their account as long as they promptly inform the bank.
Still, I strongly recommend everyone be extra safe now rather than sorry later. Unlike Target, Home Depot and other retailers that have been hacked recently, banks hold far more sensitive information about you.
What to do now
If you bank with JPMorgan Chase - and one estimate says this hack affects 83 million people - I recommend the following.
- Change your online and mobile app passwords and PINs for your debit and credit cards. Learn how to create a strong password, and don't forget about the security questions as well. You should also change your passwords on any other online account that used the same one.
- Watch over your accounts like a hawk! In fact, set up text alerts to let you know about unusual activity - learn more here. In some previous hack attacks, the victims were hit with small charges of just a few dollars to not attract too much attention.
- If you notice any unusual activity on your accounts, contact your bank immediately and request new debit or credit card.
- Watch out for fake email supposedly coming from Chase. If you get any email that asks you to click a link or download a file, it's a scam and you should delete it right away. Learn the signs of a phishing email scam.
Finally, whoever is behind this attack went through a tremendous effort to hack about 90 different servers deep inside JPMorgan Chase. I find it odd that even after all that work, we've not heard of any affected cards listed for sale on the black market or accounts hit with fraudulent charges.
I'm going to continue watching this story carefully because I doubt we've heard the last of it. I hope I'm wrong, but as I wrote above, "better safe than sorry."
Even with a new debit card, you might not be safe. Hackers have other ways to steal your information. Click here for the five riskiest places to swipe your debit card.