The JPMorgan Chase Corporate Challenge, a series of charitable races held each year in big cities across the world, is one of those feel-good events that bring together professionals from scores of big companies.
It was also a target for the same cyberthieves who successfully breached the bank’s digital perimeters, compromising the accounts of 76 million households and seven million small businesses, according to people with knowledge of the matter.
The JPMorgan Chase Corporate Challenge website, which is managed by an outside vendor, has been conspicuously inaccessible since early August, with visitors to the site seeing only a lonely list of coming races. The link between the breach on that website and the broader attack, which the bank said did not compromise any financial information, has not been previously reported.
The bank said it discovered the breach in the Corporate Challenge website on Aug. 7, about a week after it learned of the broader intrusion into its computer network. By infiltrating the race website, hackers were able to gain access to passwords and contact information for participants, the bank informed them.