Breach, Data Security, Vulnerability Management

Weak server entry point in JPMorgan Chase breach

The hackers that breached JPMorgan Chase over the summer likely got in through a neglected server that the bank's IT security failed to upgrade with two-factor automation, according to a report in the New York Times.

The Times cited sources familiar with the findings of an internal review of the financial institutions systems.

While Chase assured customers “there is no evidence” that account numbers, passwords, Social Security numbers, user IDs and other sensitive information was compromised, the summer breach exposed 76 million household and seven million small business accounts. It also raised questions as to how a firm so vigilant about security could suffer a sustained event that went undetected for so long.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.