Chase denies hack behind sudden account drains
The banking giant says an internal glitch was responsible for zero balances, and not a security breach as some customers suspected.
JP Morgan Chase denied this evening that it had suffered a hack that many customers claimed had suddenly reduced their checking account balances to zero.
After discovering the apparently empty accounts via the Internet or mobile devices, many Chase banking customers turned to Twitter to express their frustration and show screen shots of zero balances. Other users were greeted with messages that their bank account balances were unavailable.
But a spokesperson for the bank told CNET this evening that the problem was related to an internal issue and not a security breach.
"We have a technology problem regarding customers' balance information that we are working to resolve," the spokesperson said. "It has nothing cyberthreats; it's an internal issue. We are very sorry to our customers for the inconvenience."
The representative said credit card and mortgage accounts were unaffected by the issue. She did not say how many customers were affected or when it expected to have the issue resolved.
Chase issued a statement on its support account on Twitter a couple of hours later indicating it had resolved the issue:
*UPDATE* We're back to business as usual on Chase.com & Mobile. Apologies again for the trouble & thank you for your patience.— Chase Support (@ChaseSupport) March 19, 2013
Customers' suspicions about a possible security breach are natural, with the zero balances appearing less than a week after a massive distributed-denial-of-service attack. Customers trying to use the site's tools were instead greeted with a note that the site was "temporarily down."
Hackers have ratcheted up their assaults on financial institutions in recent months, using DDoS attacks to take down Wells Fargo, Bank of America, Chase, Citigroup, HSBC, and others. Though initially it was unclear who was behind the attacks, government officials and security researchers said in January that Iran was responsible for these cyberattacks.
In its December report, security company McAfee said that attacks on U.S. financial institutions are only going to increase in 2013. The firm said that this isn't just a possibility; it's a "credible threat." Anonymous has also threatened to increase its activity in 2013.
Updated at 7:40 p.m. PT with Chase tweet about issue being resolved.