JPMorgan Says Data Breach Affected 76 Million Households.

http://www.bloomberg.com/news/2014-10-02/jpmorgan-says-data-breach-affected-76-million-households.html

JPMorgan Chase & Co., the biggest U.S. bank, said a previously disclosed data breach affected 76 million households and 7 million small businesses.

Customer names, addresses, phone numbers and e-mail addresses were taken, the New York-based bank said today in a regulatory filing. Hackers also obtained internal data identifying customers by category, such as whether they are clients of the private-bank, mortgage, auto or credit-card divisions, said a person briefed on the matter.

The breach affected anyone who visited the company’s websites, including Chase.com, or used its mobile app, said the person, who requested anonymity because that information wasn’t publicly disclosed. Some of those affected by the incursion are former clients of JPMorgan, which currently has 65 million customers and reaches half of all U.S. households, the person said.

The bank, led by Chief Executive Officer Jamie Dimon, hasn’t detected “any unusual customer fraud” related to the attack, and clients aren’t liable for unauthorized transactions that are promptly reported to the company, according to the filing.

“There is no evidence that account information for such affected customers -– account numbers, passwords, user IDs, dates of birth or Social Security numbers –- was compromised during this attack,” the company said.

EBay, Target

The number of households affected by the attack on JPMorgan compares with the 145 million personal records taken earlier this year in a breach of EBay Inc. and last year’s attack on retailer Target Corp., which affected 110 million.

JPMorgan shares fell 0.4 percent to $58.58 at 6:19 p.m. in extended trading in New York after the firm announced the scope of the breach. The stock gained less than 1 percent this year through the close of regular trading today.

The attack on the lender, which is being probed by the Federal Bureau of Investigation and other agencies, started in June at the digital equivalent of the company’s front door, exploiting an overlooked flaw in one of its websites, two people familiar with the bank’s investigation have said.

The hackers unleashed malicious programs designed to penetrate the corporate network, the people said. With sophisticated tools, the intruders reached deep into the bank’s infrastructure, siphoning gigabytes of information, until mid-August.

                                        The JPMorgan Chase & Co. headquarters in New York City.