The FBI is investigating several cyber attacks against JPMorgan Chase and at least four other US banks made by Russian hackers during August. The New York Times reported that sources close to the investigation confirmed that hackers had access to dozens of servers JPMorgan over a period of two months, and they were able to review information about 1 million customer accounts and access a list of software applications installed on computers in the bank.
JPMorgan Chase has confirmed the attack in a press release in which it reports that there has been no fraud related to these events.
October 2014, JPMorgan Chase & Co. officially informed the US Securities and Exchange Commission (SEC) that the attack affected 76 million households and 7 million small businesses, compromising the contact details of the users name, address , phone number and email address. Internal information about JPMorgan Chase users would not have been compromised.
December 2014, it would have identified the entry point used in the attack that had been apparently a neglected to upgrade one of its network servers with the dual password scheme, common in most large banks.
November 2015 The US government has charged hackers over the largest ever hacking case in financial history. Three men, including Gery Shalon, Ziv Orenstein, and Joshua Samuel Aaron were charged with 23 counts, including hacking, identity theft, securities fraud, and money laundering, among others.
December 2016 The FBI arrested Joshua Aaron on charges of 16 counts including hacking, securities fraud, and conspiracy, some of whom are sentenced to up to 20 years in prison. The accused was handed over by Russian authorities after several months of negotiations between the United States and Russia.