14 DAY TRIAL // More than a month after the cyber-attack against JPMorgan Chase has been disclosed, the investigation reveals that the financial institution was not the only one sighted by the hackers and that at least 13 other banks were attacked.
The fact that other financial organizations were targeted by the malicious actors was known from the beginning, but the investigation did not reveal the number of the potentially affected entities, or their names.
14 financial organizations hit by the attack
In a recent report on the matter, Bloomberg revealed some of the institutions that were impacted by the incident, either through successful penetration or just through an attempt that was deflected by the intrusion prevention systems.
It appears that among the potential victims are Citigroup Inc., HSBC Holdings Plc (HSBA), E*Trade Financial Corp. (ETFC), Regions Financial Corp. (RF), and Automatic Data Processing Inc. (ADP).
There is no confirmation that their systems were breached, but in some cases, the malware managed to find its way on inside computers. Traces of the threat were also found in the logs of the devices guarding the organization’s infrastructure.
The number is likely to increase
As the JPMorgan investigation developed, more and more interesting details started to appear. At the beginning, it was revealed that the company systems had been infiltrated a couple of months before the attack was detected and that the operators behind it probed the systems in search of a weak spot, which was later exploited through custom tools.
The company also disclosed that 90 servers were breached and personal information of 83 million customers was exposed, although no financial data leaked.
A few days back, New York Times reported that the number of financial institutions targeted in this campaign was larger than it was previously suspected, 10 organizations being impacted.
With the latest information from Bloomberg saying that the total has now risen to 14, individuals close to the investigation are not sure that this is the final number, as the list may grow.
"It’s frankly not surprising that there are at least 13 other financial services companies that were targeted by the attackers that broke into JPMC. Data is the new currency, and clever thieves have figured out how to breach the perimeter security measures most companies have relied on," said Michele Borovac, VP at HyTrust via email.
There is a strong belief that this will happen, as financial companies complete their own internal investigation and determine the signs of intrusion or compromise sent out by the Financial Services Information and Analysis Center.
As far as the identity of the attackers is concerned, there are some leads that the investigators are following. At the moment, there is no solid evidence, but clues point to individuals from Russia, with at least vague connections to government officials.