Site   Web

December 23, 2014

JPMorgan Chase Breach Due to Lack of Two-Factor Authentication on Server

Image courtesy of (chanpipat)/ FreeDigitalPhotos.net

The hackers that filched the data of roughly 83 million JPMorgan Chase customers earlier this year were able to do so because a server lacked two-factor authentication, the New York Times has reported.

Unnamed sources told the publication while most servers at the financial institution were protected with two-factor authentication, one left vulnerable was able to be accessed after the hackers stole the login credentials of a JPMorgan employee.

Two-factor authentication makes it much more difficult for hackers to gain access to data or user accounts because it requires more than a simple password. A unique code is sent to the user on their Smartphone or device to enter along with his or her password.

According to the Times’ report, had JPMorgan Chase’s security team employed two-factor authentication to all of the company’s serves, the attack would likely have been foiled.

Although the hackers were able to gain access to more than 90 servers at the bank through the one that was unprotected, security discovered and blocked the intrusion in August.

The hackers were able to grab the names, addresses, phone numbers and e-mail addresses of customers as well as, in some cases, the line of business the customers were involved in.

“There is no evidence that financial data such as account numbers, passwords, user IDs, dates of birth or Social Security numbers were accessed, acquired or compromised,”JPMorgan said on its site in an Oct. 2 post. “We have identified and closed the known access paths.  We have no evidence that the attackers are still in our system.”

 


avatar

2 Responses to “JPMorgan Chase Breach Due to Lack of Two-Factor Authentication on Server

    avatar Andrew says:

    Thanks for sharing article about JPMorgan Chase Breach Due to Lack of Two-Factor Authentication on Server. This content is really informative for us………….

    avatar Tom Alciere says:

    “The hackers were able to grab the names, addresses, phone numbers and e-mail addresses of customers as well as, in some cases, the line of business the customers were involved in.”

    Kinda like buying the Florida voter list for $5 from Tallahassee. It includes the phone numbers and email addresses of every voter who chose to disclose it when they registered.

Submit a Comment

Your email address will not be published. Required fields are marked *






Please leave these two fields as-is:

Protected by Invisible Defender. Showed 403 to 6,491,123 bad guys.

css.php