President Obama will now receive regular updates on foreign cyberattacks after the largest data breach ever compromised more than 75 million JP Morgan Chase bank accounts. That summer attack now ranks alongside Islamic State group news as a national security concern, according to reports, in part because of worries that the Russian government might have supported the attack.
An investigation into the attack is still ongoing, with the FBI, National Security Agency, Secret Service and others trying to find out what exactly happened, and why. The attack was first discovered in July; it began shortly after the U.S. introduced a tough round of Russian sanctions in retaliation for the invasion of Ukraine. Investigators have said they’re acting under the assumption that the attack originated in Russia or Eastern Europe, though they’ve said Obama has been frustrated with the inability to identify a concrete motive.
“The question kept coming back, ‘Is this plain old theft, or is it Putin retaliating?’” one senior American official told the New York Times of his conversations with the president. “And the answer was: We don’t know for sure.”
The questions were further complicated by the hackers’ apparent decision to not steal any money from the largest American bank. Chase, in a report filed with the Securities and Exchange Commission, said user contact information including names, addresses, phone numbers and email addresses was stolen, though they have yet to detect any incidents of fraud.
Chase previously infuriated Russian officials when the bank, after years of bad publicity for its role in the 2008 housing crisis, took the step of freezing a less than $5,000 transfer from the Russian embassy in Kazakhstan to the Sogaz Insurance Group, which is owned by the St. Petersburg-based OAO Bank Rossiya, which itself is owned by one of Russian President Vladimir Putin’s associates.
“Any hostile actions against the Russian diplomatic mission are not only a grossest violation of international law, but are also fraught with countermeasures that unavoidably will affect activities of the embassy and consulates of the U.S. in Russia,” Russian Foreign Ministry spokesman Alexander Lukashevich said at the time, adding that JP Morgan’s decision was “absolutely unacceptable, illegal and absurd.”
Previous high-profile attacks on retailers like Target and Home Depot targeted the stores’ point-of-sale machinery, a clear indication that the perpetrators were motivated by finances. While spending what may have been months inside Chase’s massive financial system, though, the hackers didn't take any monetary information. Citigroup, E*Trade, Regions Financial Corp. and other financial institutions are also believed to have been targeted in this hack. None of the companies think they were breached, though they did report seeing Web traffic rise at the same time Chase was infiltrated, sources close to the issue told the Wall Street Journal.
Customers have been advised to change their passwords, but this hack bears more resemblance to a data breach on NASDAQ’s cyber-networks in October 2010. The breach, first made public by Bloomberg Businessweek in July, wasn’t an attempt to destroy the NASDAQ, intelligence agencies speculated, but intended to essentially clone the stock exchange. Top U.S. law enforcement groups were also involved that investigation, with House Intelligence Committee Chairman Mike Rogers admitting to Bloomberg NASDAQ infiltration was an ominous sign of things to come.
“We’ve seen a nation-state gain access to at least one of our stock exchanges, I’ll put it that way, and it’s not crystal clear what their final objective is,” Rogers said in July. “The bad news of that equation is, I’m not sure you will really know until that final trigger is pulled. And you never want to get to that.”