High-end jewelry firm Tiffany & Co. reports an incident involving unauthorized access to JPMorgan Chase Bank’s servers. The compromised servers contained information on a Tiffany employee travel expense reimbursement system, and held the employees’ names, addresses, Social Security numbers and banking account information.
In its letter to the New Hampshire Attorney General’s Office on September 5, Tiffany’s Chief Privacy Officer writes that based on its investigations, Chase stated it has “no reason to believe that the relevant information was used or acquired by an unauthorized party.” So what happened?
Chase did not respond to an email sent earlier today requesting clarification as to the type of unauthorized access, i.e., whether it was a hack, malware, or an employee, etc. Nor is it clear what else was on the compromised servers.