Financial News

  • 6 December 2013, 7:38

JPMorgan Cash Card Holders Warned Of Hacking

Almost half a million prepaid cash card holders in the US have been warned their personal information may have been hacked.

JPMorgan Chase says the attack on its network was carried out in July and involved up to 465,000 accounts.

Cashcards are used by corporations to pay employees and government agencies to issue tax refunds, unemployment compensation and other benefits.

JPMorgan said web servers used by its www.ucard.chase.com site had been breached in the middle of September. It fixed the issue and reported it to the authorities.

Bank spokesman Michael Fusco said it has since been trying to find out exactly which accounts were attacked and what information could have been taken.

He refused to say how the hackers breached the bank's defences.

The cash card holders affected account for about 2% of JPMorgan Chases's 25 million UCard users.

The bank typically keeps its customers' personal information encrypted as a security precaution.

But during the course of the breach personal data had temporarily appeared in plain text in files used by computers to log activity.

Only a "a small amount" of data is thought to have been taken and not critical personal information such as social security numbers, birth dates and email addresses.

Such data is prized by cyber criminals as it can be used to open bank accounts, obtain credit cards and engage in identity theft.

The breach only affected the bank's UCard users, not holders of debit cards, credit cards or prepaid Liquid cards.

The bank said no money had apparently been stolen and there was no evidence other crimes had been committed. As a result, it was not issuing replacement cards.

Mr Fusco did not identify the government agencies and businesses concerned in the attack, which is being investigated by the Secret Service and the FBI.

Business and government in the US are increasingly using prepaid cards as they are easier to cash than cheques.

In May a global cybercrime ring stole $45m by hacking into credit card processing firms and withdrawing money from automated teller machines in 27 countries.

Advertisement