Chase Bank Leaks Web & Mobile User Data

BACKGROUND:

Chase Bank has sent out a notification letter acknowledging a leak of customer data, including statements, transaction list, names, and account numbers to other members, due to a “technical issue” present on both their website and the mobile app. The issue is said to have continued from May 24th to July 14th of this year. An expert with YouAttest comments.

Experts Comments

August 19, 2021
Garret F. Grajek
CEO
YouAttest

The key to identity and data security is proper practices and procedures. These are outlined in the US government's cyber security framework, NIST 800-53 (Rev 5). These include best practices for identity creation, handling and review. These practices are quantified and detailed in  the various regulations including PCI-DSS, HIPAA/HITRUST, SOX, SOC and now the D.o.D's CMMC. Best practices and identity governance don't ensure that mistakes won't happen but can help in mitigating the frequency

.....Read More

The key to identity and data security is proper practices and procedures. These are outlined in the US government's cyber security framework, NIST 800-53 (Rev 5). These include best practices for identity creation, handling and review. These practices are quantified and detailed in  the various regulations including PCI-DSS, HIPAA/HITRUST, SOX, SOC and now the D.o.D's CMMC. Best practices and identity governance don't ensure that mistakes won't happen but can help in mitigating the frequency and loss on these accidents.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.