JPMorgan Chase, the largest U.S. bank, disclosed in a securities filing that the data breach reported in late August was much larger than previously thought, impacting 76 million households, or two out of every three American households, and 7 million small businesses. The JPMorgan Chase data breach took place this summer, and news of it broke in late August.
The new estimate is far greater than JPMorgan Chase's original estimate of one million affected accounts, reports The New York Times.
JPMorgan Chase has not said how many individual customers or accounts were affected, instead using the number of households, according to The Huffington Post.
Data breach limited to customers' contact information
The extent of the data breach and the information accessed was found to be limited to general user info and details of the administrative and technology systems used by the bank, according to JPMorgan Chase.
The personal information obtained by the hackers includes names, mailing addresses, emails and phone numbers. It does not appear to include more sensitive information that would allow hackers to directly access users' funds or steal identities, such as passwords or social security numbers.
JPMorgan Chase said there is no evidence, as of yet, that the stolen information was used to commit fraud. Still, this contact information could provide hackers with a head start in accessing users' accounts. Hackers can use personal information to get around security questions meant to verify an individual's identity -- a strategy thought to be used by the hackers who leaked the nude photos of several celebrities in September.
The information about the bank's technology systems include knowledge of the software and applications used within the bank, including those that are part of the cybersecurity system. With knowledge of the inner workings of such a large organization, hackers could have a much greater opportunity to quickly identify and exploit weak points in JPMorgan Chase's systems, reports The New York Times.
5 things Chase Bank customers should do to protect themselves
While it's unclear the exact extent of the breach, with two-thirds of U.S. household affected it's safe for all Chase Bank customers to assume that their information was compromised. While account information was not stolen, Chase Bank customers are still at a greater risk now. If you're a Chase Bank customer, here are five things you should do to minimize your risk.
- Keep an eye on your statements. If you don't already check your bank statements regularly, start. Review all purchases and keep an eye out for tiny charges -- according to CNN Money, fraudsters will sometimes charge just a few cents to test out credit card information before racking up charges.
- Update login information. Review the information used across services and accounts, and update passwords for logins that use information that might be compromised.
- Check you security questions. Choose those that are more obscure or not easily found out. Hint: it's not that hard for a hacker to find out your mother's maiden name or the name of your elementary school. Time magazine even suggests treating security questions like passwords and making up nonsense answers, like your mother's maiden name is Jingleheimer-Schmidt.
- Be wary of scammers. The main way hackers can make use of your information is to sell it to scammers. These scammers will know how to contact you, and will know you're a Chase Bank customer and might use this info to put a convincing face forward. Make sure to verify all contact. If you're contacted by a service representative from any company, don't reply. Hang up or ignore the email, find the actual service number from the corporate site, and call that number directly to verify anything you might have been told.
- Don't switch banks yet. JPMorgan was set to spend $250 million on security this year -- and that was before news of the breach broke. If this behemoth bank is scrambling to keep up with hackers, your money is unlikely to be any safer with smaller banks or credit unions that have less resources to put toward security.
This article originally appeared on GoBankingRates.