JP Morgan Data Breach: System Vulnerabilities and Response

Verified

Added on 2023/01/12

AI Summary

This case study examines the JP Morgan data breach, detailing the threats involved, such as hackers gaining access to the internal network through malware and compromised credentials. It identifies system vulnerabilities, including human vulnerabilities exploited through social engineering like phishing. The impact of the breach is discussed, including the theft of customer data and financial losses. The organizational response, involving investments in security and software updates, is analyzed. Finally, it recommends countermeasures, such as improved internal controls, employee education, and specialized task teams, to prevent future attacks. The breach resulted in the compromise of millions of accounts, underscoring the critical need for robust cybersecurity measures in the financial sector. The case study highlights the importance of proactive security measures and continuous improvement to protect sensitive data and maintain customer trust.

JP Morgan
Data Breach

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of Contents
1. Threats Involved:s..............................................................................................................3
2. The system vulnerabilities involved:..................................................................................3
3. The impact of the case:.......................................................................................................3
4. The organisational response:..............................................................................................3
5. Countermeasures the company can take to avoid future attacks:.......................................4
REFERENCES................................................................................................................................5

1. Threats Involved:s
Hackers were gained access to JP Morgan's internal network system and Hacker
succeeded in breaking through safety layers via unleashing malicious applications programmed
to penetrate company's network. The hackers accessed contact details for around 76 million
families and around 7 million micro entities including identities, addresses, contact details as
well as mail id involving risk of leveraging of stolen information. There is major risk that
through these hacked details they can also hack their other personal and conduct cyber fraud or
theft at wider scale(.
2. The system vulnerabilities involved:
Hackers ' initial access point into corporation's network in this case was via an employee
with malware-infected operating system through VPN and imperfect/compromised login
credentials which was crucial vulnerability in this case. Human vulnerability is main cause of
such a large hacking, thus here social engineering is most critical aspect. Social engineering is
manipulating or tricking somebody into offering information by exploiting human vulnerabilities
like through phishing, mail attachments, spam or impersonation (JP Morgan Chase reveals
massive data breach. 2019)
3. The impact of the case:
This cyber attack of hackers breached around 90 of JPMC's systems and servers,
efficaciously offering them higher-level administrative advantages in bank's systems. Due to this
hackers were stolen private details of customers including their information of mortgages, credit
cards, and other sensitive information of private banking. JP Morgan had expended around 600
million dollars on cyber-defences against this threat (Jamie Dimon says risk of cyberattacks ‘may
be biggest threat to the US financial system. 2019). Over 83 million accounts were
compromised as a result of this hack and also affected trust of investors and clients on security of
leading banks. Also company had suffered initial downturn because of this data breach of around
17 percent.
4. The organisational response:
As a response to the data breach JP Morgan had announced that corporation will spend
250 million dollars towards improving entire security system. Company has taken all the
necessary steps to straighten their security systems. Company has adopted Host-based Intrusion

Prevention System to enhance the security and updated the existing banking software. Also
company has improved authentication systems for employees as well as customers. Already
hacked accounts are restored and informations are encrypted with latest cyber-defence system.
Passwords of all the hacked accounts were changed and every compliant of system fraud
reported by employees and customers taken at priority (Neglected Server Provided Entry for
JPMorgan Hackers. 2019).
5. Countermeasures the company can take to avoid future attacks:
For avoiding any such data breach condition, company should more emphasise on their
internal control systems over accessibility of systems. Also company should issue advisory for
changing passwords and secret pins time to time. Further company should develop a backup
system and more advanced defence systems to handle this kind of data breach. Employee
eduction is most necessary requirement as employees are key way for hackers to enter into any
system. Employees should be aware of risk for hacking and social engineering to deal with such
kind of circumstances. Further a special task team should be formed for evaluation of cause of
such data breach and provide suggestion for future improvements in system.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

REFERENCES
Online:
JP Morgan Chase reveals massive data breach. 2019. [Online]. Available through:
<https://www.theguardian.com/business/2014/oct/02/jp-morgan-76m-households-
affected-data-breach>
Jamie Dimon says risk of cyberattacks ‘may be biggest threat to the US financial system. 2019.
[Online]. Available though:<https://www.cnbc.com/2019/04/04/jp-morgan-ceo-jamie-
dimon-warns-cyber-attacks-biggest-threat-to-us.html>
Neglected Server Provided Entry for JPMorgan Hackers. 2019. [Online]. Available
through:<https://dealbook.nytimes.com/2014/12/22/entry-point-of-jpmorgan-data-
breach-is-identified>