Hackers access plain text info on nearly 500K JPMorgan Chase cardholders

Share this article:

Banking and financial services holding company JPMorgan Chase is alerting 465,000 prepaid cash cardholders that their personal information may have been compromised by hackers.

How many victims? About 465,000. 

What type of personal information? A small amount of noncritical personal information. An investigation is ongoing to reveal exactly what information was accessed.

What happened? Hackers breached the www.ucard.chase.com website and gained access to the personal information, which appeared in plain text during the course of the attack. The prepaid cash cards were used by corporations to pay employees and for government agencies to issue tax refunds, unemployment compensation and other benefits.

What was the response? Upon learning of the incident, the flaw was fixed and reported to law enforcement. An investigation is ongoing with the Secret Service and FBI. JPMorgan Chase is alerting all affected customers and is offering a free year of credit-monitoring services.

Details: Hackers breached the website in July and JPMorgan Chase learned of the attack in mid-September. Personal information for customers is typically encrypted, but the data appeared in plain text during the attack. It is currently unknown who is responsible for the breach. JPMorgan Chase said no funds have been stolen as a result of the breach and, thus, no new cards have been issued.

Quote: “According to the bank, the data exposure affects only cardholders who registered their cards on the JPMorgan UCard Center website and, between July and September 2013, performed certain actions online,” Kristy Nichols, Louisiana commissioner of administration, said in a statement. Three Louisiana state agencies were affected in the breach.

Source: reuters.com, “JPMorgan warns 465,000 card users on data loss after cyber attack,” Dec. 5, 2013

Share this article:

Sign up to our newsletters

POLL

More in The Data Breach Blog

Professor hacks University Health Conway in demonstration for class

A computer science professor from the City College of San Francisco accessed a University Health Conway server containing patient data as part of a demonstration for a class.

Another breach involving Onsite Health Diagnostics, Kansas City hospital impacted

Children's Mercy Hospital is notifying more than 4,000 individuals that their information may have been compromised after an Onsite Health Diagnostics system was breached.

Vitamin seller website attacked, payment cards and other info compromised

Credit and debit cards, as well as other information, may have been compromised by an attacker who gained access to TheNaturalOnline.com computer system.