Chase Bank Leaks Web & Mobile User Data

BACKGROUND:

Chase Bank has sent out a notification letter acknowledging a leak of customer data, including statements, transaction list, names, and account numbers to other members, due to a “technical issue” present on both their website and the mobile app. The issue is said to have continued from May 24th to July 14th of this year. An expert with YouAttest comments.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Garret F. Grajek
InfoSec Expert
August 19, 2021 8:19 am

<p>The key to identity and data security is proper practices and procedures. These are outlined in the US government\’s cyber security framework, NIST 800-53 (Rev 5). These include best practices for identity creation, handling and review. These practices are quantified and detailed in  the various regulations including PCI-DSS, HIPAA/HITRUST, SOX, SOC and now the D.o.D\’s CMMC. Best practices and identity governance don\’t ensure that mistakes won\’t happen but can help in mitigating the frequency and loss on these accidents.</p>

Last edited 1 year ago by Garret F. Grajek
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x