JPMorgan Chase suffered a massive security breach last summer because its security team missed an upgrade of one of its 90 servers to two-factor authentication.
People with knowledge of the investigation told the New York Times that the American bank and financial company spends approximately $250 million per year to secure its system. But the company feels embarrassed that the security breach happened due to the negligence of its employees.
Two-factor authentication requires users to provide two means of identification, such as a physical token and a security code. Security experts believe that this security process could considerably reduce the incidence of identity theft, phishing and online fraud.
Big banks like JPMorgan Chase paid for this type of protection, and the company is now focused on the internal investigation to determine if there are other servers left unprotected.
The incident compromised the email addresses, home addresses and phone numbers of more than 83 million households and businesses. Hackers stole the login credentials of one of the bank's employees and accessed all of the above-mentioned information. The company said that it hadn't received any reports of fraud yet.
"These criminals accessed customer and contact information, but no account information," JPMorgan spokeswoman Patricia Wexler said to the New York Times.
The U.S. Federal Bureau of Investigation (FBI) ruled that hackers are from the Russian government due to the Ukraine crisis.
Trey Ford, a global security strategist at security firm Rapid7, commented that big banks and organizations like JPMorgan should go beyond two-factor authentication for protection. They should also hire people to monitor the servers for possible hacks, especially since hackers tend to lurk in the servers for months or years before the actual attack occurs.
"Compromised credentials have been a factor in the vast majority of breaches including Sony and Target," Ford wrote in an email to Mashable. "Once an attacker has a privileged credential, they can usually access sensitive data and escape most incident detection solutions because they appear as a valid user to those detection solutions. This is how attackers are staying undetected in organizations for days, months and sometimes even years."