Following reports last month that JPMorgan Chase was one of at least five U.S banks targeted by hackers who stole gigabytes of data, today Bloomberg reports that over 76 million households—that's half the households in America (!)—were affected by the breach, in addition to 7 million small businesses.
The revelation comes from a regulatory filing from JPMorgan Chase, and a spokesperson confirms that contact info—including customer names, addresses, phone numbers and email addresses—but not account info was compromised in the massive attack a few months ago.
Here is the full statement we received from Chase this afternoon:
Important Update on Cyber Security
We want to update you further on the cyber attack against our company. After extensive review, here is what our forensic investigation has found to date:
Here's what you should know now:
o There is no evidence that your account numbers, passwords, user IDs, date of birth or Social Security number were compromised during this attack.
o However, your contact information – name, address, phone number and email address – was compromised.
Your money at JPMorgan Chase is safe:
o Unlike recent attacks on retailers, we have seen no unusual fraud activity related to this incident.
o Importantly, you are not liable for any unauthorized transaction on your account that you promptly alert us to.
We are very sorry that this happened and forany uncertainty this may cause you. We don't believe that you need to change your password or account information. Click here for answers to questions you might have. As always, we recommend you use care with your accounts and information, as we describe in our Security Center.
The spokesperson also said that because passwords were not exposed, that there was "no need" for customers to change them.
Top image: Shutterstock