Multiple Chase Bank customer accounts in the US were exposed after what was described as a “glitch” granted customers looking to log into their own accounts access to the accounts of random customers instead.
The incident was spotted by the fiancé of an author at Fly&Dine when one of the writers logged into their account but instead of accessing their own information they gained access to the account of a random stranger in New Jersey, according to a 21 February blog post. The couple contacted the bank who notified them that that there had been similar complaints coming in all day.
The incident occurred Wednesday for “a pretty limited number of customers” between 6:30 pm and 9 pm ET (23:30 pm and 02:30 pm GMT) and was not the result of malicious activity, Trish Wexler, director of communications for the retail side of JP Morgan Chase told independent security researcher Brian Krebs.
Wexler said she was sure the incident wasn't the result of malicious actors but said she didn't know what caused the glitch. Some researchers claimed the mishap was somehow related to the bank's mobile apps noting that Chase released an updated app by Thursday morning.