Politics & Government

State Unemployment, Workers Comp Data Hacked

Information of more than 26,000 may have been compromised.

The following was provided to Patch:

J.P. Morgan Chase said Thursday that personal information of some prepaid debit cardholders in multiple states might have been improperly viewed on the bank’s servers from mid-July to mid-September. Pennsylvania offers debit cards from Chase as one option for those receiving unemployment compensation or workers compensation benefits.

The bank has informed the state Treasury that approximately 26,000 accounts among Pennsylvania’s nearly 400,000 state debit cardholders could have been involved. The breach affects only cardholders who used the J.P. Morgan Chase UCard Center website between mid-July and mid-September. 

Chase will begin notifying affected cardholders in a letter sent by email on Monday, a process that will take several days. About 465,000 cardholders nationwide had their personal data potentially compromised.

Find out what's happening in Pottstownwith free, real-time updates from Patch.

Chase said it has found no evidence that the information was used improperly. As a precaution, it is providing affected cardholders two years of free credit monitoring and identity theft insurance through ITAC Sentinel.

Until cardholders receive their notification, they are being urged by Chase to report any transactions they don’t recognize by calling the phone number on the back of their card. If they are notified they are among affected cardholders, they should then use the special contact number that will be included in their email.

Find out what's happening in Pottstownwith free, real-time updates from Patch.

For the majority of cardholders, the personal information that might have been viewed includes: card number, date of birth, user ID, and email address. Cardholders who completed transactions to external bank accounts from their debit cards might have had information about those accounts viewed. For fewer than 10 cardholders, name, address, security questions, phone number, and password could have also been viewed.

The Pennsylvania Treasury has asked Chase to provide a detailed explanation regarding the nature of the security breach and its response, including an explanation for any delay in notifying the commonwealth of the risk to which cardholder accounts were exposed. Chase will also be required to describe additional measures that it will implement to minimize or eliminate the potential for recurrence.

For security reasons, Chase could not explain details of how the breach occurred. It has referred the matter to law enforcement.



Get more local news delivered straight to your inbox. Sign up for free Patch newsletters and alerts.

We’ve removed the ability to reply as we work to make improvements. Learn more here