 J.P. Morgan Chase & Co learned about hackers who stole the bank's contact information for 76 million households and 7 million small businesses through a corporate event that it sponsors, the New York Times and Wall Street Journal reported, citing people familiar with the matter. According to the reports, the bank discovered that the intruders had used some of the same offshore servers to hack both the bank and the website of the JPMorgan Corporate Challenge. The New York Times said the breach was part of a repository of a billion stolen passwords and usernames from some 420,000 websites that a Milwaukee-based security consulting firm, Hold Security, had traced to a gang of Russian hackers. Further investigation by Hold and JPMorgan security specialists revealed that in April the hackers had obtained the website certificate for the Corporate Challenge site's vendor, Simmco Data Systems, allowing hackers access to any communications between visitors and the website, including passwords and email addresses, the Times reported.
|
No comments:
Post a Comment