JP Morgan is now involved in a legal battle with Essilor Manufacturing, over a severe cyber security lapse. The allegation against the bank is that a significant security lapse that cost about $272m took place due to their negligence.
“The fraudulent transfers were all made in round dollar amounts (i.e., no cents), which was a dramatic departure from prior periods where round dollar transfers were relatively infrequent.” This is the official information from Essilor.
In its complaint, Essilor explains that JP Morgan couldn’t alert the former of a possible suspicious activity with respect to its New York bank account. As a result, a significant security lapse took place.
A report by Bloomberg confirms that some of the stolen money was recovered by Essilor. However, the process of recovering a substantial amount of the stolen money was highly tedious and exhaustive. Furthermore, despite high-level efforts, about $100m is yet to be retrieved.
The vulnerability took place in 2019. The French manufacturer of top names such as Ray-ban further explains that JP Morgan was available for possible fraudulent activity yet failed to notify Essilor.
According to research published in 2021 by a B2B firm, Kyckr, worldwide, 28 financial institutions were fined for AML-related security breaches in 2020.
What is noteworthy in this incident is that despite considerable investments in technology and security prevention, such a vast amount was at stake due to a lack of adequate security measures.
JP Morgan is among the most important financial institutions in the world. According to reports, the firm spends around $12bn a year on technology.
JP Morgan declined to add any comments on the issue. Unfortunately, Essilor seems to have refrained from sharing more comments.