BATON ROUGE, LA (WAFB) - Some Louisiana residents may be at risk of their personal information being exposed after three Louisiana agencies were notified that computer security systems, run by JP Morgan Chase, have been hacked.
According to the Office of Louisiana State Commissioner Kristy Nichols, cardholders who have accounts with the Louisiana Department of Revenue (LDR), the Louisiana Workforce Commission (LWC), and the Louisiana Department of Children and Family Services (DCFS) may be affected if they registered their cards and "performed certain actions online" on the JP Morgan U-Card Center website between July and September of 2013.
JP Morgan Chase has a contract with the Louisiana Department of Treasury for issuing debit cards through certain state agencies. The LDR has about 6,000 Louisiana residents who receive a pre-loaded debit card, powered by JP Morgan Chase, for state tax refund distribution purposes. Approximately 5,300 cardholders have debit cards for child support, and 2,200 state citizens are receiving unemployment benefits through the LWC.
Commissioner Nichols announced that, according to JP Morgan Chase, there is no evidence that the information has been fraudulently used, and an investigation is ongoing as they continue to monitor the security statuses for all cardholders involved.
JP Morgan Chase officials say they have been notifying each cardholder by email, explaining how their personal information was compromised.
"We will be working with law enforcement officials as this investigation continues," stated Commissioner Kristy Nichols. "We will hold JP Morgan Chase responsible to make certain that the rights and personal privacy of these Louisiana citizens is protected."
The State Commissioner's Office reports JP Morgan Chase officials have indicated that the breach was not limited to Louisiana alone.
The press release in full reads as follows:
Agencies Notified of Breach Across Certain JPMorgan Chase Systems
"BATON ROUGE – Commissioner Kristy Nichols announced that three Louisiana state agencies were notified by JP Morgan Chase today that a data breach may have exposed the personal information of certain Louisiana citizens. The Louisiana Department of Revenue (LDR), the Louisiana Workforce Commission (LWC), and the Louisiana Department of Children and Family Services (DCFS) received information that computer hackers had penetrated Chase's computer security systems. JP Morgan Chase officials have indicated that this breach is not an issue isolated to Louisiana.
"About 6,000 Louisiana recipients of a pre-loaded debit card used by LDR to distribute state income tax refunds could have been compromised, as well as approximately 5,300 DCFS child support debit cardholders and about 2,200 Louisianans receiving unemployment benefits via a JP Morgan Chase debit card. Through a contract with the Louisiana Department of the Treasury, JPMorgan Chase issues debit cards for certain state agencies, including LDR, DCFS and LWC.
"According to the bank, the data exposure affects only cardholders who registered their cards on the JPMorgan UCard Center website and, between July and September 2013, performed certain actions online. JPMorgan is notifying each affected cardholder by email of the specific manner in which their information was compromised. JP Morgan Chase states that there is no evidence that the information has been fraudulently used, and they continue to monitor the security status for all cardholders involved.. An investigation as to the causes of this security violation is ongoing.
"'We will be working with law enforcement officials as this investigation continues,' stated Commissioner of Administration Kristy Nichols. 'We will hold JP Morgan Chase responsible to make certain that the rights and personal privacy of these Louisiana citizens is protected.'"