In October 2014, hackers accessed the personal information of over 83 million JP Morgan Chase customers. Fortunately, the hackers weren’t able to access financial information or gain access to client accounts. However, they were able to access the names, phone numbers, addresses, and email addresses of any current or past customer who logged into Chase.com, JPMorganOnline, Chase Mobile or JPMorgan Mobile.[i],[ii] This unprecedented cyber-attack on a major American financial company naturally raises questions about the state of security in the financial services industry.
While there are a lot of questions still being answered, there is some good news to take away from this incident:[iii]
No money was taken from client accounts and it doesn’t appear that financial databases were accessed at all. No fraudulent transactions have yet occurred using client information.
- S. law enforcement and intelligence services are working closely with financial institutions to glean information and prevent future attacks.
- This serious attack is a wake-up call for the whole industry that a coordinated hacking attack, possibly with the tacit support of foreign governments, can have a major impact on financial institutions. This realization will likely result in some major changes to security protocols at financial institutions.
Financial data theft is a major problem that can affect anyone. Though statistics on this type of data breach are scarce, it’s safe to say that millions of Americans are at risk. Fortunately, there are many ways that you can protect yourself from identity theft and fraud. Most of these actions are common sense, but they’re worth passing along to your loved ones:
Be wary of emails or social media messages asking you to log into a financial account. Your bank, mortgage company, investment account, or the IRS will never request personal information by email. Never click on links embedded in those emails; instead, always log into your accounts by manually typing the web address into your browser.
- Never give out personal information in response to a phone call from someone claiming to represent the IRS or a financial institution. If you get a suspicious phone call, hang up and call the organization directly for more information.
- Protect your sensitive information by collecting mail promptly and shredding documents containing account numbers, credit card numbers, or your Social Security number.
- Never use the same PIN or password for multiple accounts or websites. Doing so increases the risk that a single attack could compromise your identity or result in fraud.
- Monitor your financial and credit card statements carefully to identify suspicious activity. If you find fraudulent transactions, report them to the relevant institution immediately to reduce your financial liability.
- Check your credit report each year at each of the three reporting agencies. You can check your report for free at AnnualCreditReport.com. If you find fraudulent accounts or activity that you don’t recognize, immediately file a report with all three agencies and place a security freeze on your account to prevent more accounts from being opened.
We take security very seriously and are committed to protecting our clients’ personal information in the following ways:
We partner with major financial institutions that use industry-recommended encryption to protect your data;
- We never share any personal or financial information without your explicit knowledge and consent;
- We regularly participate in audits of our internal procedures to help ensure that we are always following industry best practices;
- We regularly update our knowledge and attend specialized training about security.
If you’re worried about how you may have been affected by a data breach or have questions about protecting your sensitive personal information, please give our office a call. We are happy to be a reassuring source of information and assistance.