JPMorgan Chase & Co. said Thursday that about 465,000 users of a prepaid cash card may have had their personal information hacked.
The card, UCard, is used in corporate or government prepaid benefit programs, such as food stamps, unemployment benefits or tax refunds. Corporations use UCard to pay workers who don’t have checking accounts.
The hackers had access to the personal information from mid-July to mid-September. Michael Fusco, a spokesman for JPMorgan, said the bank found no evidence the information accessed was used improperly.
The State of Pennsylvania Treasury Department, one of the state government agencies who use UCard, said the types of information possibly accessed are the customer’s UCard number, their date of birth, user ID and email address. The Pennsylvania Treasury said 26,000 accounts were compromised.
The Pennsylvania Treasury said Chase was unable to explain how the breach occurred, and the breach has been referred to law enforcement.
Connecticut state treasurer Denise Nappier said approximately 14,335 accounts were affected in Connecticut, according to a statement.
The breach does not affect banking customers who have credit or debit cards, or customers of the prepaid Chase Liquid card, according to the bank.