By Hugh Son

JPMorgan Chase & Co. (JPM), the biggest U.S. bank, said a previously disclosed data breach affected 76 million households and 7 million small businesses.

Customer names, addresses, phone numbers and e-mail addresses were taken, the New York-based bank said today in a regulatory filing. Hackers also obtained internal data identifying customers by category, such as whether they are clients of the private-bank, mortgage, auto or credit-card divisions, said a person briefed on the matter.

The breach affected anyone who visited the company’s websites, including Chase.com, or used its mobile app, said the person, who requested anonymity because that information wasn’t publicly disclosed. Some of those affected by the incursion are former clients of JPMorgan, which currently has 65 million customers and reaches half of all U.S. households, the person said.

Graphic: Top U.S. Data Breaches

The bank, led by Chief Executive Officer Jamie Dimon, hasn’t detected “any unusual customer fraud” related to the attack, and clients aren’t liable for unauthorized transactions that are promptly reported to the company, according to the filing.

“There is no evidence that account information for such affected customers -– account numbers, passwords, user IDs, dates of birth or Social Security numbers –- was compromised during this attack,” the company said.

continue reading »