American banking and financial services company JPMorgan Chase is warning customers in Montana that a technical glitch may have presented their personal data to other customers.
The malfunction allowed users of the website chase.com or the Chase Mobile app to view the banking information of other customers whose personal details were similar for nearly two months earlier this year.
Data that may have been compromised included customers’ names, account numbers, account balances, and details of their transactions.
“We learned of a technical issue here that may have mistakenly allowed another customer with similar personal information to see your account information on chase.com or in the Chase Mobile app, or receive your account statements,” wrote JPMorgan Chase in a data breach notification letter available via the Montana attorney general’s website.
The data breach was reported to the Montana Office of the Attorney General on August 13 as having begun on May 24 and having ended on July 14.
JPMorgan Chase advised customers: “The other customer might have seen information about your accounts, including balance(s) and transactions as well as your name and account numbers.”
The bank said that no evidence has been found to suggest that the personal information of customers who were impacted by the data breach has been “used inappropriately.”
Customers were informed that they will not be held liable “for any fraudulent activity on your Chase accounts that you promptly tell us about,” and were encouraged to check their accounts regularly for suspicious activity.
After apologizing for the accidental data exposure, JPMorgan Chase offered the seven customers who were impacted by the breach one year of free credit monitoring.
The data breach is the second to be reported to the Montana Office of the Attorney General by JPMorgan Chase. Last year, the company notified two customers that between April and November 2020 a call center employee may have allowed an unauthorized third party to overhear phone calls in which personal information about their Chase account was shared.
Data compromised in the 2020 breach may have included name, address, account number, Social Security number and email address. The breach was reported on December 23, 2020.