Chase Cyber Attack - One More Blow For Online Banking
Last week JPMorgan Chase reported that 83 million customers had personal information stolen from Chase computers. The data stolen included names, addresses, phone numbers and email addresses. According to Chase, there is no evidence that financial data such as account numbers, passwords, user IDs, dates of birth or Social Security numbers were compromised. Consequently, Chase customers should not have to worry about losing any money directly from this incident. However, they will have to be cautious about phishing attempts since scammers may send emails with names that could make the emails look more official. This is a good reminder to avoid clicking on links or downloading attachments in emails. Set up bookmarks for your banks, and only use those bookmarks when you log into your bank accounts.
Chase reassured customers on its website:
Your money at JPMorgan Chase is safe:
- Unlike recent attacks on retailers, we have seen no unusual fraud activity related to this incident.
- Importantly, you are not liable for any unauthorized transaction on your account that you promptly alert us to.
Chase set up an FAQ section on its website that covers this incident. According to the FAQs, customers don’t have to change passwords or get new debit/credit cards.
Confidence in Online Banking?
Even though this incident may not directly put customers’ money at risk, it’s yet another example of the risks that exist in this digital age. This recent Washington Post article reviews the Chase attack and describes how it "raises alarm about safety of financial system." According to the article, the attack "appeared to target far more than mere consumer data, sparking concern among government and industry officials of whether the ultimate aim was to disrupt Wall Street itself." The article raised an important question for savers. Are you losing confidence in online banking? A security expert interviewed in the article had this to say about the Chase attack:
"The level of what hackers did at retailers was not rocket science, but getting into the country’s biggest bank raises consumer confidence questions. Are people going to start putting their money under a mattress?"
Are you taking additional steps to protect your money? Regulations do offer protections to consumers regarding bank fraud. However, they do require consumers to regularly monitor their accounts. At the very least you should monitor your checking and credit card accounts each statement period. If you see any fraudulent charges, you should immediately report them to your bank.
How often do you monitor your bank accounts? Please take the poll. Have you started to monitor your bank accounts more often since these massive data breaches have become so common? What other steps have you taken? Please leave a comment.
However, in their FAQ, it seems the online banking system is exactly what was hit in this attack:
"Was I affected?
"You were affected if you used the following web or mobile services: Chase.com, JPMorganOnline, Chase Mobile or JPMorgan Mobile."
But I note, they did not intercept banking matters as account holders transmitted over the Internet; they broke into the comoputer at the Chase location and got the material there. So, actually conducting the transactions online was not an issue.
I will say, I do not know how these things are done, but that said, I expect it would be much more diffiuclt for hackers of this sort to catch the transmission as the transaction is done than to get it from the computer after the fact. Oh, your next door neighbor might hack into your WiFi signal and catch your transaction, but I doubt someone in Russia could mount a big steal like this that way.