NEW YORK — Hackers have managed to break into 7 of the top 15 banks.
Here’s what you need to know.
Some of the biggest banks — including JPMorgan Chase — were recently hacked. The attackers used never-before-seen malware to break into the banks’ computer systems, according to someone with direct knowledge of the investigation. And the hackers got in deep enough to delete or manipulate bank records.
Does this affect me?
As a consumer, not yet. Customer bank accounts are often insured by the bank in the event of a cyberattack. Check with your bank.
But business bank accounts are another matter. They’re not typically protected from theft. Small businesses could be on their own.
What’s the damage?
Hackers burrowed themselves deep into these computer systems and got access to sensitive internal records.
With that kind of access, they might be able to steal from customer accounts. Customer privacy is also at stake. Plus, criminals could have the banks’ investment playbooks. Hackers could also wipe out a bank’s entire computer network, according to Tom Kellermann, chief cybersecurity officer of Trend Micro.
Who did it?
That’s still unknown.
Some are quick to point to hackers in Russia. Trend Micro has spotted a spike in attacks on U.S. and European banks from computers located in former Soviet bloc countries in Eastern Europe. The massive surge started July 24, amid souring U.S.-Russia relations and economic sanctions imposed by Western nations upon Russia.
But it’s easy for hackers to spoof evidence. They can bounce signals from computers in other countries. So far, the evidence pointing to Russian hackers or even the Russian government is circumstantial.
Why did this happen?
FBI investigators and independent cybersecurity specialists are trying to figure that out.
Just sit back and keep an eye on your bank statements. Wait to hear from your bank for any instructions.
But if you do, be careful and make sure it’s actually your bank. If you get an email or letter, look up the bank’s phone number on its official website and call directly. And if you get a phone call, hang up (politely) and call back the real number.