Following a major security breach over the summer, JPMorgan Chase said it found no evidence of compromised account numbers, passwords, dates of birth and Social Security numbers for the 76 million households and 7 million small businesses affected.
Luckily, the breach didn’t translate int a direct threat to consumers, but this certainly isn’t the first time a major security attack caused jitters among American households. Last year, a major Target breach impacted 40 million cardholders and 70 million additional consumers. A Home Depot cyberattack threatened 56 million cardholders.
Although JPMorgan Chase assured customers that their money and personal data remained safe, the cyberattack prompted many questions about how consumers could be impacted by a breach, what’s the danger, how they can expect to be notified and ways they can stay vigilant in the future.
Here’s a breakdown of what you need to know to keep your information safe from security breaches of the recent past, as well as any major breaches that might arise in the future.
Who Was Impacted
JPMorgan Chase’s breach affected anyone who used the following Web or mobile services: Chase.com, JPMorganOnline, Chase Mobile and JPMorgan Mobile.
This sheds light on the fact that customers using any platform — both online and on a mobile device — are at risk. Following news of a breach, all customer accounts should be considered and monitored for suspicious activity.
What’s the Danger?
JPMorgan Chase admitted that the biggest risk to customers following the breach was activity related to phishing. As LifeLock reporter Beatrice Karnes explains, thieves holding your stolen data could combine it with other information they already have, sell your information to others and use your information for spear phishing, which targets a group of individuals using accurate identifying information, such as the fact that they do business with JPMorgan Chase.
Additional threats include “vishing,” which targets customers through a phone call or voice message, and “smishing,” which reaches consumers through text messages.
JPMorgan Chase emphasizes that it never asks for personal information via email or text. Anytime you are prompted for any personal data from a financial institution or retailer this way, do your due diligence before sharing any information.
How Customers Were Notified
Following the breach, JPMorgan Chase made an announcement on the company’s homepage with the phrase “Important Update on Cyber Security.” The link directed customers to a page that described what information was exposed in the attack.
This case isn’t atypical. In fact, banks are not required to report data breaches and online intrusions unless it results in financial loss to consumers. It takes the theft of personal information like a credit card number or Social Security number before the institution is required to share news of the breach with the public. While laws differ by state, some states allow companies to wait up to a month before informing customers.
The JPMorgan Chase incident enforces the importance of consumers staying proactive and educated. Staying up to date about major breaches in the news is often a first tip-off that your own information or account may be in danger.
How to Stay Vigilant
To remain vigilant, consumers should periodically update their passwords, monitor their bank and retail accounts and check their credit reports regularly. It is helpful to remain leery of any suspicious emails, phone calls or text messages and contact the company immediately if any unusual activity is detected.