The latest news reported by The New York Times, Bloomberg and other channels is that JPMorgan Chase and several other as-yet-unspecified US banks have been hacked. The FBI and security firms are actively investigating. The motivation, as well as who is behind the attacks, is not yet certain, however, it is known that the hackers have targeted client checking and savings accounts.
Due to the potential danger to personal and financial data, we strongly recommend taking the following actions.
In addition to using the right tools, your security depends on you being aware of the dangers that are out there. By keeping up-to-date on hacks and data breaches, you are able to react when a vendor you use, such as your bank or email provider, is hacked. This includes monitoring your account activity for all of your accounts. Any unknown or unauthorized transactions should be reported right away.
Also, whether taking advantage of any free services, or signing up for a paid service, you may want to consider checking out your credit score at one of the credit reporting agencies in the US. (Target and SuperValu indicated that customers affected by the recent data breaches at these chains would receive a free year of credit reporting as a courtesy of these companies.)
Remember: your security requires your active involvement.
Change your passwords to any accounts that may have been affected
If you have an account with JPMorgan, we strongly recommend that you change your password: now. Even though the names of the other hacked banks haven’t been revealed, it is advisable to change your password to any and all of your online bank accounts.
Use a unique password for each of your accounts
The JP Morgan hack is a good reminder of the importance of having a unique password for each of your accounts. As noted above, the reason for the hack is not known. While people tend to think that hacking bank accounts is the end game for bad guys and hackers, that’s not always the case. Personal data and other identity information can be just as valuable, if not more. If you reuse or share passwords on two or more sites, you’re giving hackers an opening that they shouldn’t have.
Be careful what you click
With this new scam, we expect a new slate of phishing scams tied to JP Morgan, and the other banks involved (as the names of these banks become public). Scams typically include attempts to have you click on a link to confirm or change account data. If you receive an email from your bank asking you to ‘click here’ in order to ‘update your info’ because of the hack, we recommend that you call or visit your local bank branch to find out more.
It goes without saying (but, just to be sure, we’ll say it anyway): do not click on links from banks where you do not have an account. (Find out more about phishing threats in our 3 keys to protect yourself from phishing attacks.)
Sticky Password helps you have strong, unique passwords for all of your accounts. Use Sticky Password to change your passwords quickly and easily.