More details are emerging about the cyber security breach at JP Morgan. According to the Wall Street Journal about 76 million households, an amount equivalent to two-thirds of American households, were affected by a cybersecurity attack on the bank this summer in one of the most sweeping disclosed breaches of a financial institution. Seven million small business were also affected.
The details of the breach were disclosed in a securities filing on Thursday. The attack at J.P. Morgan went unnoticed for about two months. The hackers appeared to have obtained a list of the applications and programs that run on JPMorgan’s computers, which they could crosscheck with known vulnerabilities in each program and web application in search of an entry point back into the bank’s systems.
According to a person close to the investigation, hackers appear to have originally breached J.P. Morgan’s network via an employee’s personal computer via phishing attack. This highlights the importance of creating a culture of security awareness throughout the entire organization. Employees are a key link in the security of a business’ technology infrastructure and company data. Teaching employees to be aware of an organization’s security requirements can be one of the most effective ways to enhance the company’s overall security posture.
Gartner security analyst Avivah Litan call the latest hack a “crisis point” for financial institutions.
The JP Morgan hack is just one of several high-profile cyber attacks that have occurred over the last six months. In September, Home Depot Inc. confirmed its payment systems were breached in a cyberattack that impacted about 56 million payment cards. Other recent cyber attacks have included Target, Home Depot, Adobe and Neiman Marcus among others.
ACE IT Solutions’ Security Services, offered in partnership with IBM, provide a simple and cost-effective way to limit potential threats 24×7. Through our partnership with IBM, ACE IT Solutions leverages one of the world’s largest collections of security information to combine advanced analytic capabilities into cloud-based security services that can be mixed and matched according to each business’ specific needs. Contact us at 646-558-5575 for a free security consultation.