US financial institutions are in the bull's eye again as the FBI and US Secret Service are investigating possible data breaches earlier this month at JPMorgan Chase and other US banks. This time the financial community isn't battling distributed denial-of-service (DDoS) attacks, but attacks that reportedly stole customers' bank account information.
The FBI today confirmed that it was investigating reports of attacks against multiple US financial institutions. "We are working with the United States Secret Service to determine the scope of recently reported cyber attacks against several American financial institutions," an FBI spokesperson said in a statement. "Combating cyber threats and criminals remains a top priority for the United States Government, and we are constantly working with American companies to fight cyber attacks."
JPMorgan said it has not detected any fraudulent activity thus far and is working with law enforcement to determine the scope of the breach. The financial firm is asking customers to report any suspicious activity on their accounts, and will contact anyone who was affected. "Companies of our size unfortunately experience cyber attacks nearly every day. We have multiple layers of defense to counteract any threats and constantly monitor fraud levels," a JPMorgan spokesperson said.
The firm expects to spend more than $250 million per year in cyber security, with some 1,000 employees dedicated to those operations by the end of this year.
[JPMorgan Chase's chairman and CEO Jamie Dimon says the bank will spend some $2 billion this year to improve controls, systems, and processes in areas such as anti-money laundering, customer onboarding, and know-your-customer.]
Word that JPMorgan and at least one other bank had been hit in mid-August by hackers who stole gigabytes of information initially came via a Bloomberg report late yesterday and then The New York Times. The attackers reportedly exploited a zero-day vulnerability found on one of the banks' websites in a multi-stage attack that, in the case of JPMorgan, ultimately led the attackers to the sensitive banking account information. Published reports suggest the attacks came out of Russia.
[Read the rest of the article at Dark Reading.]
Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio