At the end of August, JPMorgan Chase was identified as being the target of a large attack. The financial giant has now been breached again, according to a New York Times report today, citing unnamed sources familiar with the incident.
At this point, the details are few and it’s not clear whether or not this second attack is directly connected to the one reported in August. According to the report, JPMorgan’s top executives are currently trying to figure out the full extent of the new attack.
JPMorgan, however, is denying that there was a new attack. “The story is false. We are not aware of any new attack,” JPMorgan spokeswoman Patricia Wexler told Reuters.
Whether or not the JPMorgan was in fact attacked for a second time remains to be seen. Attackers coming back for a second time to the same target is not an uncommon phenomenon.
In the physical world, bank robbers have been known to repeatedly rob the same banks. Typically, the only reason why that works is because the crooks have already thoroughly assessed the security of the physical bank and the bank has made no changes in between robberies.
With the hacking attack at JPMorgan Chase—which would be the second time JPMorgan, one of the largest banks in the world, has been hit by hackers twice in less than three months—it’s far too early to speculate whether the bank made any changes in its infrastructure after the first attack or even if it would have mattered. The facts are sparse, and a bank’s attack surface is vast.
In the online world, hackers have come back to targets too. Case in point is the disclosure this week from grocery chain Supervalu that it was attacked for a second time. Supervalu first disclosed it had been attacked on Aug. 14; disclosure of the second attack came on Sept. 29.
In Supervalu’s case—to the grocery chain’s credit—it publicly noted that changes made to its security posture limited the risk exposure for the second attack.
Criminals will continue to target the weak links of security, wherever they might be. In the modern world, it has now become more important than ever to figure out how attacks occurred and to remediate them as rapidly as possible.
Simply put, attackers traverse the Internet at the speed of light, so there is no time to delay on defense, especially when customer trust and money is on the line.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.