25 Sep 2012

JPMorgan Servers Breached, Jewelry Store Employees Become Collateral Damage


A number of servers belonging to the JPMorgan Chase Bank were compromised this month, exposing a vast amount of customer information. Among them are employees of high-end jewelry maker Tiffany & Co, but the bank believes these details have not been exploited yet.

“We recently were informed by JPMorgan Chase Bank, N.A. (“Chase”) that there was unauthorized access to Chase’s computer servers containing personal information of some Tiffany & Co. employees,” said Ewa Abrams, Tiffany’s chief privacy officer.

Among the leaked information, the attacker obtained names, addresses, Social Security numbers and banking information of Tiffany employees listed in the jewelry company’s travel expense reimbursement system.

This is not the only incident targeting JPMorgan Chase this month. The company has been under heavy fire lately, especially after Muslim hackers launched a paralyzing distributed denial-of-service attack on the company’s website earlier this week.

Since this kind of leak involving social security numbers and full banking accounts cannot be mitigated by a simple scan with an antivirus solution, Chase recommended exposed employees sign up with a credit monitoring service from ITAC sentinel. Since the bank is responsible for the incident, all related costs will be supported by JPMorgan.