Last week JPMorgan Chase warned 465,000 customers who use prepaid cash cards that their accounts may have been compromised by attackers, though the number of affected seems to be growing as 97,000 Utahns who receive benefits through the state Department of Workforce Services have been notified they too are at risk from the breach.
The company acknowledged that servers for the www.ucard.chase.com website had experience unauthorized access from mid-July through mid-September, and found that details of the prepaid card accounts may have already been exposed.
The prepaid cards are typically issued for tax refunds, to distribute unemployment compensation or for payroll in some instances. The account information is most often stored in an encrypted format, but officials for JPM said that some data may have been available in plain text in log files.
It is assumed that some information has been exfiltrated by the attackers, but officials claim none of the data contained sensitive details such as email addresses, social security numbers or birth dates.
JPM will offer potential victims free credit-monitoring services for one year, but has no plans to reissue cards for the potentially compromised accounts, as there has been no indication that any fraud has been perpetrated in connection with the breach.
Read More Here and Here…