A cyberattack that hit JPMorgan Chase this year affects about 76 million households and 7 million small businesses, the banking giant disclosed Thursday.
The filing with the Securities and Exchange Commission did not specify when the attack took place, but a JPMorgan spokeswoman confirmed it was the one reported in August. This is the first time the company has revealed the scope of the breach.
Data compromised in the attack included customers’ names, addresses, phone numbers and email addresses as well as “internal JPMorgan Chase information relating to such users,” the bank said in the filing.
On the other hand, it said, there is no evidence that account numbers, passwords, user IDs, birth dates or Social Security numbers were accessed.
JPMorgan said it hasn’t seen any unusual customer fraud related to the breach. And, it said, if customers see unauthorized transactions on their accounts, they are not liable for those transactions as long as they alert the company promptly.
Times staff writer Dean Starkman in New York contributed to this report.
For more news, follow @raablauren on Twitter.