Chase Bank Notifies Customers of BreachBackup Tape Reported Missing from Vendor Storage Facility Chase Bank has sent out data breach notification letters to an undisclosed number of customers after a computer tape with customers' personal information was reported missing from a third-party vendor's storage facility.
Tom Kelly, spokesperson for New York-based Chase, the commercial/consumer banking arm of financial giant JPMorgan Chase, says the vendor -- which he would not name -- confirmed it received and maintained the tape, and that its offsite facility had been searched thoroughly after the tape disappeared. Kelly would not say if the data on the tape was encrypted, but says its data can be read only with special equipment and software. "We have no evidence to indicate any of the information has been viewed or used inappropriately," Kelly says.
A local ABC News station in Louisville, KY first reported the missing data tape and the notification letters being sent in August. Kelly says the notification letters are being sent out in batches, but would not say how long the tape has been missing, nor what type of customers' information (credit or banking) was on the tape. The electronic files, according to the notification letter, may have included names, addresses and Social Security numbers, but did not include any banking or financial information.
Affected customers are being offered a free one-year subscription to the bank's identity protection program, Kelly says.
For more information on 2009 data breaches involving financial institutions, see this interactive timeline