A cyberattack that hit JPMorgan Chase this year affects about 76 million households and 7 million small businesses, the banking giant disclosed Thursday.
Data compromised in the attack included customers' names, addresses, phone numbers and email addresses as well as "internal JPMorgan Chase information relating to such users," the bank said in the filing.
On the other hand, it said, there is no evidence that account numbers, passwords, user IDs, birth dates or Social Security numbers were accessed.
JPMorgan said it hasn't seen any unusual customer fraud related to the breach. And, it said, if customers see unauthorized transactions on their accounts, they are not liable for those transactions as long as they alert the company promptly.
Times staff writer Dean Starkman in New York contributed to this report.