JPMorgan has revealed that a cyber strike on its systems successfully compromised data belonging to 76 million households and seven million small to medium sized businesses.
The breach was originally reported in August and is believed to have been mounted by a group of Russian hackers. The number of customers affected was unknown until JPMorgan revealed the figure in a court filing.
The figures led to widespread reports that the firm had suffered a second data breach, although a JPMorgan spokeswoman dismissed these reports.
"We are not aware of any new attack. Any report that there was a second breach is false," she told V3.
The court filing showed that information stolen included customers' contact information and "internal JPMorgan Chase information relating to such users".
However, JPMorgan insisted that several key pieces of information were not compromised.
"There is no evidence that account information for such affected customers - account numbers, passwords, user IDs, dates of birth or Social Security numbers - was compromised during this attack," the company said.
"As of such date, the firm continues not to have seen any unusual customer fraud related to this incident."
Many security professionals have expressed concerns about the size of the breach, despite JPMorgan's assurances.
Tim Erlin, director of IT security and risk strategy at Tripwire, described the attack as proof that financial institutions need to improve cyber security to avoid similar breaches.
"All other large financial institutions should take note of this incident, and not only scrutinise their defences, but prepare for a public response before it's needed," he said.
"Large banks like JPMorgan are under constant cyber attack, and they thwart the majority of attempted break-ins.
"While there's little doubt that JPMorgan has taken action since the original incident was reported, the size and complexity of their network means they are unlikely to have rolled out new protections comprehensively by now. In situations like this, time is always the enemy."
Alert Logic's chief security evangelist, Stephen Coty, mirrored Erlin's sentiments, warning JP Morgan customers to be on their guard against follow up phishing attacks.
"There should be a notification to affected users to be on the lookout for spam campaigns or emails from the bank with a URL that you might not recognise," he said.
Improving financial service providers' security is an ongoing goal of law enforcement and government agencies across the world.
Europol's European Cybercrime Centre signed a Memorandum of Understanding with the European Banking Federation in September pledging to co-operate when combating cyber threats.
Stephenson will design the inside and outside of the futuristic Lillium jet.
The new policy is aimed at making the social network is a safer place
Amazon robot would probably be little more than an Amazon Echo on wheels
Citrix claims Workspot has 'continued to mislead the market' and use Citrix-patented features