J.P. Morgan Chase & Co. (NYSE: JPM) has announced that hundreds of thousands of prepaid debit card users in America may have had their data breached. The bank reported that personal information of some prepaid debit cardholders in multiple states may have been improperly viewed on Chase’s servers from mid-July to mid-September of this year.
It is good to know that the firm is getting the information out, but this is now three to five months after the fact. That has given identity thieves or cyber-criminals a long head start if they intend to use the data improperly.
Chase said that it will begin notifying affected cardholders in a letter sent by email on Monday. The process will take several days. Where this gets to be a much larger impact is that Chase said about 465,000 cardholders nationwide had their personal data potentially compromised.
The bank specified in one release that Pennsylvania offers debit cards from Chase as one option for receiving unemployment compensation or workers compensation benefits. It has informed the state Treasury that approximately 26,000 accounts of Pennsylvania’s 400,000 or so state debit cardholders could have been involved.
The breach was said to affect only cardholders who used the J.P. Morgan Chase UCard Center website between mid-July and mid-September. Chase claims that there is no evidence that the information was used improperly. As a precaution, it is providing affected cardholders two years of free credit monitoring and identity theft insurance through ITAC Sentinel.
Unfortunately, if, or when, you receive letters of data breaches and security breaches, you cannot take the matter lightly.