Comparison Overview

J.P. Morgan

VS

JPMorganChase

J.P. Morgan

270 Park Avenue, New York, NY, US, 10017
Last Update: 2026-04-02
View Profile
Between 800 and 849
http://www.jpmorgan.com

J.P. Morgan is a leader in financial services, offering solutions to clients in more than 100 countries with one of the most comprehensive global product platforms available. We have been helping our clients to do business and manage their wealth for more than 200 years. Our business has been built upon our core principle of putting our clients'​ interests first. J.P. Morgan is part of JPMorgan Chase & Co. (NYSE: JPM), a global financial services firm. Social Media Terms and Conditions: https://bit.ly/JPMCSocialTerms © 2017 JPMorgan Chase & Co. JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 82,484
Subsidiaries: 0
12-month incidents
1
Known data breaches
1
Attack type number
2
View Profile

JPMorganChase

270 Park Avenue, New York, NY, US, 10017-2014
Last Update: 2026-04-01
Between 750 and 799
http://www.jpmorganchase.com

With a history tracing its roots to 1799 in New York City, JPMorganChase is one of the world's oldest, largest, and best-known financial institutions—carrying forth the innovative spirit of our heritage firms in global operations across 100 markets. We serve millions of customers and many of the world’s most prominent corporate, institutional, and government clients daily, managing assets and investments, offering business advice and strategies, and providing innovative banking solutions and services. Social Media Terms and Conditions: https://bit.ly/JPMCSocialTerms JPMorgan Chase & Co. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 224,255
Subsidiaries: 21
12-month incidents
0
Known data breaches
7
Attack type number
3

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/jpmorgan.jpeg
J.P. Morgan
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/jpmorganchase.jpeg
JPMorganChase
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
J.P. Morgan
100%
Compliance Rate
0/4 Standards Verified
JPMorganChase
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

J.P. Morgan has 50.5% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for JPMorganChase in 2026.

Incident History — J.P. Morgan (X = Date, Y = Severity)

J.P. Morgan cyber incidents detection timeline including parent company and subsidiaries

Incident History — JPMorganChase (X = Date, Y = Severity)

JPMorganChase cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/jpmorgan.jpeg
J.P. Morgan
Incidents

Date Detected: 3/2026
Type:Cyber Attack
Attack Vector: Email
Blog: Blog

Date Detected: 8/2021
Type:Breach
Blog: Blog
https://images.rankiteo.com/companyimages/jpmorganchase.jpeg
JPMorganChase
Incidents

Date Detected: 11/2025
Type:Breach
Blog: Blog

Date Detected: 10/2025
Type:Breach
Attack Vector: Compromised User Account
Blog: Blog

Date Detected: 5/2025
Type:Ransomware
Attack Vector: Legitimate software and open-source pen-testing tools
Motivation: Financial Gain
Blog: Blog

FAQ

J.P. Morgan company demonstrates a stronger AI Cybersecurity Score compared to JPMorganChase company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

JPMorganChase company has faced a higher number of disclosed cyber incidents historically compared to J.P. Morgan company.

In the current year, J.P. Morgan company has reported more cyber incidents than JPMorganChase company.

JPMorganChase company has confirmed experiencing a ransomware attack, while J.P. Morgan company has not reported such incidents publicly.

Both JPMorganChase company and J.P. Morgan company have disclosed experiencing at least one data breach.

J.P. Morgan company has reported targeted cyberattacks, while JPMorganChase company has not reported such incidents publicly.

JPMorganChase company has disclosed at least one vulnerability, while J.P. Morgan company has not reported such incidents publicly.

Neither J.P. Morgan nor JPMorganChase holds any compliance certifications.

Neither company holds any compliance certifications.

JPMorganChase company has more subsidiaries worldwide compared to J.P. Morgan company.

JPMorganChase company employs more people globally than J.P. Morgan company, reflecting its scale as a Financial Services.

Neither J.P. Morgan nor JPMorganChase holds SOC 2 Type 1 certification.

Neither J.P. Morgan nor JPMorganChase holds SOC 2 Type 2 certification.

Neither J.P. Morgan nor JPMorganChase holds ISO 27001 certification.

Neither J.P. Morgan nor JPMorganChase holds PCI DSS certification.

Neither J.P. Morgan nor JPMorganChase holds HIPAA certification.

Neither J.P. Morgan nor JPMorganChase holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References