A computer breach at JP Morgan, which affected millions of account-holders and highlighted the growing menace of cybercrime, could have been avoided by a simple measure,
A computer breach at JP Morgan, which affected millions of account-holders and highlighted the growing menace of cybercrime, could have been avoided by a simple measure, according to the New York Times, citing unnamed sources.
The report said the hackers could have been foiled if the bank had put in a simple security fix to an overlooked server in its network, the publication said.
This publication is in contact with the US-listed banking group for a comment.
A few weeks ago, the bank revealed that accounts of 76 million individuals, and a number of businesses, had been affected by the data hackers’ activity, raising questions about the vulnerability of banks and wealth managers to such criminals.
It has been claimed that the hackers could have been backed by the Russian government, with which the US is at odds due to Russia’s annexation of Crimea and activities in eastern Ukraine. Russia has strenuously denied such a claim. The attack also happened before the latest revelations of a massive hacking attack against Sony; the US has blamed North Korea’s Communist regime for being behind that attack.
The NYT report said the weak spot at JP Morgan appears to have been a very simple one – the bank did not use a double authentication scheme, known as two-factor authentication. JP Morgan's security team had apparently neglected upgrading one of its network servers with the dual password scheme, the newspaper said. The NYT did not name its sources.
A report by Reuters on the matter said JP Morgan could not be immediately reached for comment because its enquiries were made outside US business hours.