An update on the J.P. Morgan Chase data breach; additional data breaches come to light

The same hackers who breached J.P. Morgan Chase did in fact attempt to gain access to several other financial institutions. Chase still maintains that financial information was not accessed in the breach, although they do continue to warn customers about phishing scams because of personal information that was obtained by the hackers.

Based on the SEC filing, it appears that the hackers were able to obtain the password of an employee and use it to gain access to the personal information of millions of customers. What was originally thought to include only one million customers ended up being over 83 million, including both personal and business accounts.

Up to 13 other financial institutions discovered attempts to access their systems by the same suspected hacking group. By checking the web addresses used by the group in the J.P. Morgan Chase breach, these companies were able to identify attempts that were made on their systems as well. These other institutions include ADP, Citigroup, HSBC, E*Trade, Fidelity, and Regions Financial Corporation. However, none have reported evidence that any personal or financial information was accessed by the hackers.

One positive that has come from this breach is that J.P. Morgan Chase has said that it plans to increase its cyber-security budget over the next five years. With a current spending of $250 million per year, Chase expects to double this figure in the future.

Other reported data breaches this week include Dairy Queen and K-Mart. The K-Mart data breach is currently being investigated, and appears to have begun in early September. Initial reports state that it is the same software that was used on Home Depot's systems. Dairy Queen also reported that it's payment systems contained malware, which likely captured the account numbers and expiration dates of customers.