Private information about over 80 million clients of American multinational bank JP Morgan has been stolen by hackers in a massive cyber-attack this summer despite the bank’s increasing cyber-security spending.
The stolen data about 76 million US households and seven million small businesses included names, phone numbers, as well as email and postal addresses.
According to JP Morgan Chase the data theft affected customers using its Chase.com and JPMorganOnline websites and apps ChaseMobile and JPMorgan Mobile.
The New York-based bank admitted the data was stolen from its servers but said there was no evidence that the data breach included account numbers, passwords, Social Security numbers or dates of birth.
The bank has recorded no attempts of fraud that could be attributed to the data theft.
JPMorgan Chase, the US biggest bank by assets, has discovered the breach of its servers in mid-August and has since determined that the attack began as early as June.
"We have identified and closed the known access paths," said the firm’s spokeswoman Patricia Wexler without giving any further details
The company also disabled compromised accounts and reset passwords of all its technology employees, Wexler said.
The data theft is a major blow to the American bank and its cyber security efforts proving that hackers are several steps ahead.
According to Jamie Dimon, the bank's CEO, JPMorgan has spent millions on cyber security this year but remained concerned about the risk of cyber-attacks. By the end of this year, the bank estimates that it will be spending about $250m dollars (£154m) annually on cyber security and employing 1,000 people in the area.
"This is really a slap in the face of the American financial services system," said Avivah Litan, a security analyst at Gartner. "Honestly, this is a crisis point."
The breach follows a series of similar events that hit US financial firms and retailers in the previous months.
Last month, Home Depot said that malicious software lurking in its check-out terminals between April and September affected 56 million debit and credit cards. Michaels and Neiman Marcus have also been attacked by hackers in the past year.
A data breach at Target in December compromised 40 million credit and debit cards. TJX Cos's theft of 90 million records, disclosed in 2007, remains the largest data breach at a retailer.
The attacks are being investigated by the FBI.