JPMorgan Chase says it has discovered a data breach affecting the personal information of nearly half a million customers.
New filings with the Office of the Maine Attorney General the banking giant recently found a software issue that’s been active since August 26th, 2021.
The bug allowed unauthorized access to retirement plan records of 451,809 customers, which contain names, addresses, Social Security numbers and bank account numbers.
JPMorgan says it now fixed the issue, which erroneously gave full access to several “authorized system users” who were employed by JPMorgan customers or their agents.
The bank says it has no indication that the personal information has been misused, and it’s offering two years of free credit monitoring through Experian to affected customers.
This isn’t the first time JPMorgan Chase has discovered a crack in its security infrastructure.
In 2014, the bank reported one the largest data breaches in history in a cyberattack that affected the accounts of 76 million households and seven million small businesses.
As the New York Times reported, JPMorgan’s security team had failed to add two-factor authentication to one of its network servers, which led to the theft of customers’ email addresses, home addresses and phone numbers. The bank said there’s no evidence that account information was leaked in the hack.
