The internal computer networks of JPMorgan Chase Bank and up to four other major American banks were hit by an enormous cyberattack earlier this month, according to reports. The intruders' haul appears to have been not money, but gigabytes of data pertaining to client accounts and bank personnel.
The FBI, United States Secret Service and National Security Agency are all investigating, reports Bloomberg News, which broke the story yesterday (Aug. 27). One hypothesis is that the attackers were working on behalf of the Russian government, but no evidence has been publicly presented to support that contention.
"We are working with the United States Secret Service to determine the scope of recently reported cyberattacks against several American financial institutions," an FBI spokesman told multiple publications.
It's not yet known exactly what kind of information was stolen, but at time of posting, it appears that none of it has been misused for fraud or theft. That doesn't mean the average bank client can rest easily. If you're a Chase customer, read on to see what you can do to minimize risk and protect your money.
The stolen data affects both clients and employees of the targeted banks, including bank executives, a source close to the investigation told Bloomberg News.
A source told The New York Times that checking- and savings-account information was taken. It's not clear whether that would affect ATM cards, bank-issued credit or debit cards or online-banking login credentials.
The absence of normal criminal activity following the data theft has led to speculation that the attack was politically motivated, perhaps in retaliation for the U.S. and European Union sanctions imposed earlier this summer on Russian trade and Russian government officials as a result of Moscow's involvement in the Ukrainian civil conflict. Cybercriminals have not been ruled out.
The culprits appear to have been highly skilled and possibly well-financed, using a zero-day flaw in one bank's website to penetrate the bank's internal network, reported Bloomberg News. (The Wall Street Journal reported that a network breach was instead achieved through a bank employee's personal computer.)
A zero-day flaw is a software vulnerability unknown to the "good guys" before the "bad guys" exploit it in an attack.
If you are a Chase banking customer, or if you believe your bank may have been one of the unnamed other banks, you should make adjustments to your online banking account, if you have set one up.
First, change the account's password, and the username if possible. Next, if the bank offers it, set up two-factor verification on your account; even if an attacker learns your password, he won't be able to access your account without entering the second credential, which is often a temporary six-digit number texted to the account owner's cellphone.
For at least the next few weeks, you'll also have to closely monitor your financial information and account activity for any signs of fraud or theft. Contact your bank immediately if you see any signs of suspicious activity.
Jill Scharr is a staff writer for Tom's Guide, where she regularly covers security, 3D printing and video games.