JP Morgan Data Breach Exposes Protected Information of Over 450K Customers Featured

JP Morgan has suffered a data security incident that revealed the personal and financial information of over 450,000 individuals.

What Happened?

On February 26, 2024, JP Morgan Chase Bank (“JP Morgan”) “learned of a software issue that caused certain reports run by three authorized system users to include plan participant information that they were not entitled to see.”

According to the Data Breach Notification posted to the Maine AG website, JP Morgan states that there was a “software issue in a vendor-provided system that supports our Benefit Payment Services product,” which allowed employees to access retirement plan participants’ records they were not supposed to see.

Two individuals are employees of employee benefit plan administration hired by JP Morgan clients, and one of the individuals involved was hired by a client of JP Morgan. These system users ran a limited number of reports between August 26, 2021 and February 23, 2024.

Plan participant information relates to personal financial and other information about an individual enrolled in a specific plan.

What Information Was Breached?

According to the notification letter, information obtained from the breach includes –

  • name
  • address
  • Social Security number
  • payment and deduction amounts
  • bank routing and account numbers (if direct deposit was set up)

However, the information disclosed on the Office of Maine Attorney General’s website claims that the employees may also have seen more information that what is shown above. This includes –

  • financial account numbers
  • credit/debit card numbers
  • security codes
  • access codes
  • passwords
  • PINs for the accounts.

What is JP Morgan Doing To Protect My Identity?

Since the incident, JP Morgan has “addressed the access issue and applied a software update” to mitigate the chances of this incident occurring again.

The banking giant recommends that customers review their accounts and call the company if they notice unrecognized transactions.

JP Morgan offers two years of free credit monitoring through Experian’s Identity Works.

What Can Threat Actors Do With My Information?

Stolen personally identifiable information (PII) can be used to commit identity theft, open new credit accounts, make unauthorized purchases or obtain loans. Cybercriminals have recently targeted America’s essential industries and in so doing have forced millions of Americans to face the fallout from these attacks.

Leaked or stolen data can be sold on the dark web forums and may be used for fraud and medical identity theft, a type of fraud, where threat actors use stolen information to submit forged claims to insurers.

Clients affected by the breach are exposed to a heightened and imminent risk of fraud and identity theft. They must now and in the future closely monitor their financial accounts to guard against identity theft and fraud.

If you received a data breach notification from JP Morgan, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options at no cost to you. For more information, please review these recommendations.

Protect Your Identity. Join the JP Morgan Data Breach Class Action.

If you receive a notification letter from JP Morgan, you are at permanent risk of identity theft and the devastating financial and legal consequences that go along with it.

If you received pension and/or investment income administered by JP Morgan on or between August 26, 2021 and February 23, 2024, you may be eligible to participate in a class action lawsuit to recover compensation for loss of privacy, time spent dealing with the breach, out-of-pocket costs, and more.

The lawsuit looks to cover anyone in the USA whose private information was compromised by the breach announced by JP Morgan Chase Bank.

Please complete the below form shown on this page and a data breach attorney will contact you. There is no cost to you.


Leave a Reply

Your email address will not be published. Required fields are marked *