659 JPMorgan clients affected by data breach at Fried Frank

A recent data breach involving Fried Frank has impacted the personal information of 659 clients at JPMorgan.

The incident originated at Fried, Frank, Harris, Shriver & Jacobson LLP, a nationally prominent law firm serving as counsel to JPMorgan Chase and various J.P. Morgan conduit funds.

According to official disclosures, the breach was traced to a single Fried Frank user account, which was compromised by an unauthorized third party. This party was able to copy files from one of Fried Frank’s shared network drives. The law firm discovered the breach on Oct. 27, 2025, and notified JPMorgan Chase on Dec. 9, 2025.

After Fried Frank provided the potentially impacted files, JPMorgan Chase performed an independent assessment to identify affected individuals. The breach exposed personally identifiable information (PII), including names, account numbers, Social Security numbers, passport numbers, other government ID numbers and contact information.

The files affected both investors in the fund and individuals otherwise connected to it, such as spouses or agents under a power of attorney.

The impact of the breach was nationwide, with 659 people affected in total. One person in Maine, 37 in Massachusetts and two in New Hampshire were reported as impacted.

The breach was disclosed to the Maine Attorney General, the Massachusetts Office of Consumer Affairs and Business Regulation and the New Hampshire Attorney General on Jan. 12, 2026.

JPMorgan Chase & Fried Frank's response

In response to the incident, JPMorgan Chase and Fried Frank conducted a thorough review to determine the scope of the breach and the specific information involved. They have worked together to enhance data security controls at Fried Frank, aiming to prevent similar incidents in the future.

For those affected, JPMorgan Chase has mailed written notices and is offering two years of free credit monitoring through Experian IdentityWorks. This service includes daily credit bureau monitoring, identity theft resolution support, and up to $1 million in identity theft insurance.

Affected individuals are encouraged to enroll in the complimentary credit monitoring service, review their credit reports for suspicious activity, and remain vigilant for unauthorized transactions or incidents of suspected identity theft. Additional steps, such as placing a fraud alert or security freeze on credit files, are also recommended.

The breach was isolated to Fried Frank’s systems; JPMorgan Chase’s own systems were not compromised and remain secure.