Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Chase Bank Accidentally Leaked Customer Info to Other Customers

Chase Bank Accidentally Leaked Customer Info to Other Customers

Chase Bank has admitted to the presence of a technical bug on its online banking website and app that allowed accidental leakage of customer banking information to other customers.

New York City-based JPMorgan Chase Bank is a financial services giant with a $120 billion annual revenue and over 250,000 employees worldwide.

Banking statements, account numbers and balances exposed

Personal details of Chase bank customers including statements, transaction list, names, and account numbers were potentially exposed to other Chase banking members.

The issue is believed to have lasted between May 24th and July 14th this year, and impacted both online banking and Chase Mobile app customers who shared similar information.

In a copy of the data incident notice seen by BleepingComputer, shown below, Chase blamed a “technical issue” for this mishap.

“We learned of a technical issue here that may have mistakenly allowed another customer with similar personal information to see your account information on or in the Chase Mobile app, or receive your account statements,” states the notice.

It isn’t imminently clear how or under what circumstances was a customer able to see other customers’ private information.

The notice is also vague on whether the issue impacted a specific group: credit card holders, personal or business banking customers—or everyone.

Chase Bank has found no evidence thus far indicating that the information was misused.

Also Read: 4 Reasons to Outsource Penetration Testing Services

Affected customers provided with free credit monitoring

As a standard industry practice, Chase Bank is in the process of notifying the affected individuals and providing them with free credit monitoring services.

“We are sorry for letting you down and would like to offer you one year of free credit monitoring through Experian’s® IdentityWorks®,” states Chase.

Affected customers will receive a unique activation code in the data incident notification letter that they can use to signup for the service.

In 2014, the banking giant was hit by a massive data breach which is believed to have compromised data of over 83 million accounts, raising concerns about phishing attacks.

Although there is no indication of data misuse associated with this incident so far, individuals should remain vigilant and be on the lookout for any “Chase” phishing emails they may receive in the near future.

BleepingComputer has asked Chase specific questions including how many customers were impacted by this issue and what was its cause. We are awaiting their response.

Also Read: Vulnerability Assessment vs Penetration Testing: Why You Need Both

Header image from Wikipedia, licensed CC-BY-SA 3.0.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us