THE HIGH-PROFILE DATA BREACH that hit US bank JP Morgan Chase earlier this year could have been avoided if the company had been sharp enough to install a simple security fix, a report claims.
Sources close to the The New York Times identified the entry point and said that the bank's weak spot was on an overlooked server in its network .
Apparently, it didn't use two-factor authentication, a simple dual password scheme which most banks use to restrict access to protected systems.
JP Morgan Chase admitted in August that it had suffered a data breach after it was revealed that the FBI was looking into a potential cyber attack against the firm and four other banks.
Names, addresses, phone numbers and email addresses of the holders of some 83 million accounts were exposed after the attack.
The bank said there is no evidence that account numbers, passwords, user IDs, dates of birth and Social Security numbers were compromised.
An unknown source established that six more banks were attacked at the same time, and that the hackers altered and deleted customer records.
A federal law enforcement official who was not authorised to comment publicly said that sophisticated attacks were coordinated against JP Morgan Chase by Russian hackers.
The bank was not immediately available for comment.
The hack is one of a series of assaults on large firms this year. Target was attacked in January, resulting in the exposure of 70 million names, addresses, emails and phone numbers, along with 40 million payment cards. µ
Flagship can be picked up from £899
INQ's pick of the best earphones on the market right now
Must be something going on beneath the surface
2020 is going to be digital carnage