The computer breach at JPMorgan Chase this summer was the largest intrusion of an American bank to date. However it might have been thwarted if the bank had installed a simple security fix to a single overlooked server in its vast network. JPMorgan spent $250 million on computer security but the weak spot at JPMorgan appears to have been a very basic one.
Hackers stole the login credentials for a JPMorgan employee, but the bank used a double authentication scheme, which requires a second one-time password to gain access to a protected system. JPMorgan’s security team had apparently neglected to upgrade one of its network servers with the dual password scheme, the people briefed on the matter said. That left the bank vulnerable to intrusion.
The internal investigation at the bank is known as Rio. Though early on some officials suspected that at least one of the attackers’ computers was in Brazil, the attack could have been routed through computers anywhere. The basis for the internal name is unclear.
In the aftermath of the attack, JPMorgan has set up a “business control group” of about a dozen technology and cybersecurity executives to assess the fallout and to prevent hackers from breaching its network in the future. The group has been holding meetings once every few weeks.