A warning has been sent across 465,000 cardholders of JPMorgan prepaid cash cards issued by the bank that their personal information
may have been accessed by hackers who attacked its network.
The cards were issued for corporations to pay employees and for government agencies to issue tax refunds, unemployment compensation and other benefits.
As JPMorgan found out that its web servers being used were by its site (www.ucard.chase.com) had been breached, the company reported the law enforcement.
Bank spokesman Michael Fusco said that the bank has been investigating to find out exactly which accounts were involved and what pieces of information could have been taken, since the breach was discovered.
Fusco said as they cannot rule out the possibility that cardholder’s personal information was among the data removed from its servers, the bank is notifying them about the breach. The cardholders account for about 2 percent of Fusco’s roughly 25 million UCard users.
The personal information of bank’s customers is usually kept encrypted as a security precaution. However, during the data breach incident, personal data belonging to those customers had temporarily appeared in plain text in files the computers use to log activity.
The bank claims that critical personal information such as social security numbers, birth dates and email addresses were not taken during the breach. However The bank believes “a small amount” of data was stolen.
Cyber criminals target such data because it can be used to open bank accounts, obtain credit cards and engage in identity theft. Many states require banks to notify customers if they believe there is any chance that such information may have been taken in a breach.
Am year free credit-monitoring services is being offered to the cardholder by the bank.
Fusco said the bank has not found that any funds were stolen as a result of the breach and that it has no evidence that other crimes have been committed. As a result, it is not issuing replacement cards.
Alertsec strengthens security
Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.
Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.
Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.