from Hacker News

Entry Point of JPMorgan Data Breach Is Identified

by weef on 12/23/14, 4:54 AM with 9 comments

  • by jdawg77 on 12/23/14, 3:30 PM

    The most advanced, at least in terms of haptic based cryptography, is owned by Bank of America in the US. When reading through the USPTO, I didn't see anything revolutionary owned by JPMorgan.

    To me the awesome news here is that while the leak happened, it's accountable 100%. That's very swift closure compared to many, many other data breaches of the past.

  • by msimpson on 12/23/14, 6:30 PM

    "Big corporations like JPMorgan spend millions — $250 million in the bank’s case — on computer security every year to guard against increasingly sophisticated attacks like the one on Sony Pictures."

    Yes, sophisticated attacks like finding a passwords.txt file.

  • by brohoolio on 12/23/14, 11:35 AM

    One server without two factor got them owned? Makes you wonder what else was going on. Did they have ssh keys or something that got them further into the network?

  • by xedarius on 12/23/14, 2:33 PM

    Usually access to banks networks are guarded with an RSA fob + password. It's unclear from the article if JP use that system or not.

  • by tlrobinson on 12/23/14, 6:45 AM

    "Two people briefed on the matter said that an N.S.A. special team will sometimes work with a corporate victim of hackers to ensure that no trap doors remain."

    Well, no NSA backdoors, at least.