Jump to content

Chase bank accidentally leaked customer info to other customers


Recommended Posts

Chase bank accidentally leaked customer info to other customers

 

Quote

Chase Bank has admitted to the presence of a technical bug on its online banking website and app that allowed accidental leakage of customer banking information to other customers.

New York City-based JPMorgan Chase Bank is a financial services giant with a $120 billion annual revenue and over 250,000 employees worldwide.

Banking statements, account numbers and balances exposed

Personal details of Chase bank customers including statements, transaction list, names, and account numbers were potentially exposed to other Chase banking members.

The issue is believed to have lasted between May 24th and July 14th this year, and impacted both online banking and Chase Mobile app customers who shared similar information.

In a copy of the data incident notice seen by BleepingComputer, shown below, Chase blamed a "technical issue" for this mishap.

"We learned of a technical issue here that may have mistakenly allowed another customer with similar personal information to see your account information on chase.com or in the Chase Mobile app, or receive your account statements," states the notice.

It isn't imminently clear how or under what circumstances was a customer able to see other customers' private information.

The notice is also vague on whether the issue impacted a specific group: credit card holders, personal or business banking customers—or everyone.

Chase Bank has found no evidence thus far indicating that the information was misused.

Affected customers provided with free credit monitoring

As a standard industry practice, Chase Bank is in the process of notifying the affected individuals and providing them with free credit monitoring services.

 

"We are sorry for letting you down and would like to offer you one year of free credit monitoring through Experian's® IdentityWorks®," states Chase.

Affected customers will receive a unique activation code in the data incident notification letter that they can use to signup for the service.

In 2014, the banking giant was hit by a massive data breach which is believed to have compromised data of over 83 million accounts, raising concerns about phishing attacks.

Although there is no indication of data misuse associated with this incident so far, individuals should remain vigilant and be on the lookout for any "Chase" phishing emails they may receive in the near future.

BleepingComputer has asked Chase specific questions including how many customers were impacted by this issue and what was its cause. We are awaiting their response.

Header image from Wikipedia, licensed CC-BY-SA 3.0.

 

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.