Major U.S. multinational financial services firm JPMorgan had information from more than 450,000 of its customers compromised following a data breach in August 2021, reports Cybernews.
Such an incident stemmed from a vulnerability in a third-party system supporting JPMorgan's Benefits Payment Services offering, which enabled two employees of a third-party employee benefit plan administration and another employee of a JPMorgan client to access individuals' names, addresses, Social Security numbers, bank routing and account numbers, and payments and deductions, according to a breach notification from JPMorgan.
However, other information, including credit and debit card numbers along with PINs, security codes, and access codes, as well as financial account numbers, were noted in a disclosure to the Office of the Maine Attorney General to potentially have been accessed by the employees.
Individuals whose data had been impacted by the breach have been urged to be vigilant of suspicious account activity even if there was no evidence to suggest any misuse of the exposed information.