JPMorgan pulls in the FBI to investigate cyber attacks

JPMorgan Chase & Co is investigating a possible cyber attack on its systems and is working with law enforcement authorities to determine the scope, a company spokeswoman confirmed on Thursday morning after days of speculation.

The bank was taking additional steps to safeguard sensitive or confidential information, company spokeswoman Trish Wexler said, but did not see unusual fraud activity at this time.

JPMorgan disclosed the investigation after the FBI said Wednesday evening it was investigating media reports earlier in the day that several U.S. financial companies have been victims of cyber attacks.

"We are working with the United States Secret Service to determine the scope of recently reported cyber attacks against several American financial institutions," FBI spokesman Joshua Campbell said in a statement.

Campbell did not name any companies or give more details, but several media reports had already named JPMorgan as one victim of the attacks. Other potential victims have yet to be named.

JPMorgan launched its investigation after malicious software was recently discovered in the bank's network, signaling it was the victim of a cyber attack, two people familiar with the incident told Reuters. The bank has yet to determine the severity, said the sources, who asked not to be identified because they were not authorised to speak publicly about the matter.

Bloomberg News had reported that Russian hackers were believed to have carried out cyber attacks against JPMorgan and another unnamed U.S. bank in mid-August, resulting in the loss of sensitive data. Authorities were investigating whether the breaches were linked to recent attacks on major European banks.

The New York Times reported late Wednesday the networks of JPMorgan and at least four other U.S. banks had been infiltrated in a string of coordinated attacks this month, citing four people familiar with the investigation.

The attackers stole large quantities of data, including checking and savings account information, though their motivation was not yet clear, according to the Times report, adding that several private security firms were hired to conduct forensic reviews of infected networks.