JP Morgan Chase & Co. confirmed last week that hackers managed to access personal data for more than 83 million customers, including 76 million households and seven million small-business online accounts. As The New York Times revealed, even though this was one of the most serious computer intrusions into an American corporation, it wasn’t the only one. Bloomberg is now reporting that 13 financial institutions have also been targeted by the same hacker group, which also managed to steal some critical security data from JPMorgan on top of personal data.
Acknowledgement of this breach from JP Morgan comes at a time when consumers are already shaken from news of data breaches at major retailers such as Target and Home Depot. Last year, the information of 40 million cardholders and 70 million others were compromised at Target, while an attack at Home Depot in September affected 56 million cards.
So what does this all mean for consumers?
“Big data has permeated business practice so much, that crises of this type have become more a matter of when they will happen, not if they will happen,” said Daniel Korschun, PhD, assistant professor of marketing at Drexel’s LeBow College of Business and a fellow of both the Center for Corporate Reputation Management and the Center for Corporate Governance at LeBow.
“Part of the risk here is that these breaches can deteriorate the trust between the company and its customer base,” Korschun said. “It is a hit to their reputation.”
But unlike retailers, JP Morgan presents an even greater concern as information on its systems goes beyond customers’ credit card details and potentially includes more sensitive data.
“Companies have been hoarding customer data for the past couple of years, keeping information on customers that they may not ever need,” said Eleanor Feit, PhD, assistant professor of marketing at Drexel’s LeBow College of Business. “These ongoing breaches represent an opportunity for companies to reevaluate what data they need to store to serve their customers.”
According to reports, JP Morgan’s chairman and chief executive Jamie Dimon acknowledged the problem in an annual letter to shareholders and also acknowledged that companies continuously fight a battle to defend themselves against cyber attack threats that are “never-ending.”
For evaluators of these data breaches, however, it seems imperative for companies to take steps to proactively reduce the risk of cyber attacks and have a crisis plan in place to respond in the event that a security issue arises, according to Korschun.
To interview Korschun or Feit, contact Niki Gianakaris, director of media relations, Office of University Communications, at 215-895-6741 or ngianakaris@drexel.edu.