Well, I nearly trashed this email as spam because the sender showed as “Gregory Quental,” with a subject line “Important update on cyber security.” I’m glad I looked at it, though, as it was a message from JPMorgan about their breach:
As you may know, Chase recently was the victim of a sophisticated cyber attack. Since then, we have been conducting a comprehensive investigation of the incident and have found no evidence that client account information was compromised.
Our detailed review has found no evidence that account numbers, passwords, dates of birth and Social Security numbers were compromised. We therefore do not believe you need to take any action related to your account. The information that was compromised was contact information — names, addresses, phone numbers and email addresses for users of Chase.com, J.P. Morgan Online, Chase Mobile and J.P. Morgan Mobile, as well as internal JPMorgan Chase information relating to such users.
We want to assure you that we take this incident very seriously, and have no evidence that the attackers are still in our systems. These kinds of attacks are frequent, and while this one was sophisticated, we stopped it and continue to invest in preventing future attacks. It is important to note that we have not seen any unusual fraud activity across all of our accounts, and you are not liable for any unauthorized transactions on your account that you promptly alert us to.
We regret this incident happened. As always, your J.P. Morgan advisor and client service team are available to discuss any questions or concerns.
Sincerely,
Gregory Quental
Chief Executive Officer
J.P. Morgan Securities