JPM Chase Business Customers' Data Exposed in Breach

JPMorgan Chase (JPM) said that an unauthorized party gained access to business data belonging to customers of its accounts-payable service but that it has not detected a theft or wrongful use of the data.

Some computer servers that housed JPMorgan Chase's "Order-to-Pay" accounts-payable product were subject to the unauthorized access, according to an e-mail sent to customers on Monday night. JPMorgan Chase spokesman Thomas Kelly confirmed Tuesday that the letter is authentic.

The unauthorized users had access to customers' business name, address and tax-identification number, and may also have been able to access the customers' banking and invoice information.

"We investigated this extensively and have no reason to believe the information was taken or misused," the letter said.

Kelly declined to comment further or provide the number of customers affected.

The "Order-to-Pay" product is part of the New York company's Treasury Services unit.

For reprint and licensing requests for this article, click here.
Bank technology Consumer banking
MORE FROM AMERICAN BANKER