NEW YORK (CNNMoney) — JPMorgan said Thursday that cybercriminals gathered information on more than 80 million account holders as part of a massive bank hack this summer.
The revelation follows news back in August that hackers had infiltrated seven of the country’s largest banks, using sophisticated malware to burrow into their computer systems and manipulate records.
At JPMorgan, the hackers got contact information for 76 million households and 7 million small businesses, including names, addresses, phone numbers and email addresses, as well as “internal JPMorgan Chase information relating to such users.”
But the bank said that the hackers didn’t get any account information — account numbers, user IDs, dates of birth or Social Security numbers — and that it hasn’t seen “any unusual customer fraud related to this incident.”
“The Firm continues to vigilantly monitor the situation and is continuing to investigate the matter,” JPMorgan said in a securities filing, adding that it is cooperating with law enforcement.
Although it appears that the hackers haven’t been able to access bank accounts, they could still cash in by selling email addresses and other personal information to spammers.
The source of this summer’s attack still isn’t clear. Some analysts have pointed to hackers Russia, though the evidence is only circumstantial.
Hackers from Russia and eastern Europe are often top FBI suspects in cyberattacks. The timing of the hack raised suspicions given the mounting tensions between Russia and the West over Ukraine and economic sanctions.
In a letter to shareholders earlier this year, JPMorgan said it planned to deploy over 1,000 people and budget $250 million annually to focus on cyber security.