Numerous states are now investigating a major data breach suffered by JPMorgan Chase in 2014, asking the company to turn over details regarding its security practices. Customer records that included names, addresses and phone numbers of up to 83 million members were stolen, though account numbers, passwords and Social Security numbers weren't impacted.
"Critical facts about the intrusion remain unclear, including details concerning the cause of the breach and the nature of any procedures adopted or contemplated to prevent further breaches," according to the letter obtained by Reuters, which more than one dozen states sent to JPMorgan Chase.
States also asked if the bank received reports of fraud, and a description of its past and current security protections.