A group of attackers attempted to break in the virtual doors of financial companies in what can be referred to as a summer hacking spree. At least 76 million households were affected including seven million small businesses. This record is surprisingly higher than the one million accounts that JPMorgan previously believed had been affected by the attack.
In an SEC filing, it appeared that the cyber criminals got hold of an employee password and used it to crack one of the bank's servers. This paved the way for the attackers to steal a number of customer contact information which would include names, addresses, contact numbers and email details. Given the fact that the stolen information belonged to millions of households, the attack could then be classified as one of the largest virtual thefts to date.
At least 13 financial institutions were attacked following the data breach at JPMorgan Chase. These would include ADP, HSBC Holdings plc, Regions Financial Corp, E*Trade Financial Corp, Fidelity Investments and Citigroup Inc.
Fidelity Investments is one of the largest financial services and mutual fund groups in the world. It is home to thousands of retirees' accounts in the U.S. However, there were no signs showing that customer data was compromised.
"We have no indication that any Fidelity customer sites, accounts, information, services or systems were affected by this matter," said a spokesman of Fidelity. "We take security very seriously and closely monitor the online environment. Fidelity has a range of safeguards and multiple layers of security in place to protect customer accounts and information, our sites, and systems. For security reasons, some of these protections are visible, some are not. Beyond that, for security reasons, it's our practice not to comment on details of specific matters."
The hackers were unsuccessful in obtaining information on the account holders such as getting hold of their account numbers, the corresponding password, birth dates and social security numbers. It seemed like the hackers were looking for weaknesses on the various systems. Though the purpose to steal data gave them no results, the attacks still caused a major concern for the U.S. law enforcement.
The attacks are now being investigated with the U.S. Secret Service and the Federal Bureau of Investigation taking the lead.
"The FBI continues to work with the U.S. Secret Service to determine the scope of recently reported cyber attacks against American financial institutions," said Joshua Campbell, FBI spokesman. "Combating cyber crime remains a top priority."