From the
New York Times Dealbook we learn that
Hackers’ Attack Cracked 10 Financial Firms in Major Assault, gaining data on 83 million households and businesses in what has been described as "one of the most serious computer intrusions into an American corporation."
Questions over who the hackers are and the approach of their attack concern government and industry officials. Also troubling is that about nine other financial institutions — a number that has not been previously reported — were also infiltrated by the same group of overseas hackers, according to people briefed on the matter. The hackers are thought to be operating from Russia and appear to have at least loose connections with officials of the Russian government, the people briefed on the matter said. ...
The breadth of the attacks — and the lack of clarity about whether it was an effort to steal from accounts or to demonstrate that the hackers could penetrate even the best-protected American financial institutions — has left Washington intelligence officials and policy makers far more concerned than they have let on publicly. Some American officials speculate that the breach was intended to send a message to Wall Street and the United States about the vulnerability of the digital network of one of the world’s most important banking institutions.
“It could be in retaliation for the sanctions” placed on Russia, one senior official briefed on the intelligence said. “But it could be mixed motives — to steal if they can, or to sell whatever information they could glean.”
So are the Russians essentially saying, "hey, that's a nice banking system you have there America, what a shame if something was to happen to it?" "Back off on the sanctions or else?"
Fortunately, the hackers went down a path that them information about "the names, addresses, phone numbers and email addresses of account holders," but not passwords and what J.P. Morgan called "personal information. As if our names, addresses, phone numbers, and email addresses are not personal information.
J.P. Morgan has begun to contact customers to inform them that no money was taken from their accounts. Nevertheless, it may be prudent to change your passwords more often than usual.