By Shawna Ohm
“Banks like Wells Fargo (WFC) have come out and said, ‘We weren’t the victims of a hack, and if we were it was a very, very minor thing.’ JPMorgan is saying no accounts were compromised and that no personal data was taken, but obviously it’s a very disturbing thing,” said Yahoo Finance Editor-in-Chief Aaron Task.
“If you get my credit card information, you can go on a spending spree, but I’ll call the credit card company and say that it wasn’t me and it’ll be fixed. But if [hackers] drain your bank account you’ve got a big problem on your hands,” he added.
Technically, all bank accounts are insured by the Federal Deposit Insurance Corporation, but according to the FDIC, that only covers bank failure.
In an e-mail to Yahoo Finance, the FDIC says, “Our deposit insurance protection does not apply in the case of theft of fraud. Generally speaking, banks have insurance to protect against theft, either physical or cyber.”
Yahoo Finance reached out to JPMorgan to see what type of insurance measures are in place to protect consumers, and is waiting on a response.
While a lack of FDIC protection in the event of a hack might be troubling to consumers, more troubling, perhaps, is that consumers are usually the last to know when a company's security is compromised. (When Target (TGT) was hacked last year, journalist and cyber security expert Brian Krebs discovered the breach before the company did.)
Right now, there looks to be more questions than answers when it comes to the JP Morgan attack. How many gigabytes of data were stolen? Is this hack tied to similar hacks that have hit European banks? Are Russian hackers responsible? If they are, is the attack in retaliation for U.S. government sanctions against Russia? How long did hackers have access to JPMorgan's systems?
“This is a national security issue,” said Yahoo Finance's Jeff Macke. “If you want to go after this country, you don’t fight our drones or our missiles or our soldiers. What you do is, you go after our banks. You’re talking about nasty, national anarchy if they actually manage to drain our accounts on that level.”
It’s no wonder, then, that big banks spend big bucks on security. JPMorgan has said it plans to spend $250 million on cyber security in 2014. Banks are even pressing their law firms, which handle sensitive information for the banks, to boost their cyber security defenses as well.
“It’s a nightmare scenario,” said Macke. “If you want to keep people up at night this is a fantastic way to go about doing it.”
At this point, bankers may be having more sleepless nights worrying about hackers than American consumers are, and that’s not a good thing.
“It’s important to point out that up until now, it’s been mostly the banks and the credit card companies that bear the risk here,” said Yahoo Finance columnist Rick Newman. “That breeds complacency among consumers.”
That’s definitely not a good thing. “It is absolutely astonishing what hackers can do to get into your personal accounts and how easy it is.”
The best way to protect yourself is as easy as 1, 2, 3, 4. Or rather, NOT using 1234 as a password.
“People have to get serious about passwords. You can look this up on the web, there are a lot of good guides for how to create good passwords,” Newman said. Microsoft (MSFT), Google (GOOGL) and a gaggle of news sites (including Yahoo Finance) all offer tips for how to create a strong and safe password. And if you have trouble remembering all of the numbers and characters that go into a safe password, don’t worry – there’s an App for that.
More from Yahoo Finance