JPMorgan Chase attackers hacked other banks, report says

Even when an attack does not involve credit card or social security numbers, however, information such as names of people who use a certain service can be used by criminals to pry more sensitive information from unsuspecting consumers via phishing attacks. In the wake of the cyberattacks, consumers need to be especially careful of any communication, even from apparently trusted sources, that requests information such as passwords, experts say.

JPMorgan's regulatory filing was short on details about how the attack occurred. When media reports about the hack surfaced in late August, JPMorgan Chase declined to confirm the attacks. It said large companies constantly experience cyberattacks. This is precisely the problem, argue advocacy groups: weak security coupled with lack of disclosure of breaches are a serious disservice to consumers. Consumer advocates and some politicians are calling for more stringent breach disclosure laws.

Meanwhile, U.S. agencies including the Federal Bureau of Investigation and the Secret Service are working with JPMorgan to better determine the scope and source of the attacks. JPMorgan and the Secret Service did not immediately return requests for comment Saturday.