WASHINGTON – A data breach at JP Morgan Chase has generated an inquiry from U.S. Reps. Joe Barton, R-Ennis/Arlington, co-founder of the House Privacy Caucus, and George Radanovich, R-Calif., to JP Morgan Chase CEO James Dimon.

One of JP Morgan Chase Bank’s offsite storage facilities lost a data tape, which may contain customers’ sensitive information, such as names, addresses, and Social Security numbers, and the lawmakers have asked Dimon to respond by Oct. 31 to their questions.

“Breaches like this are of concern because of the variety of malicious crimes that can be perpetrated using stolen personal information. Identity theft is a continuing problem and the resulting impact on an individual’s finances, credit rating, livelihood, and personal well-being from these crimes can be substantial,” wrote Barton and Radanovich, ranking members of the House Energy and Commerce Committee and Consumer, Trade and Consumer Protection Subcommittee, respectively. “The Energy and Commerce Committee has a long history of examining privacy and data security issues, and we recently passed a bill that mandates certain security measures, as well as notification of individuals whose information has been exposed in a breach of that security.”

Among the questions Barton and Radanovich asked:

1. How many customers were potentially affected by the lost tape in this incident?
   
2. How many affected customers were notified of this potential data breach?
   
3. Were all affected customers offered one year free enrollment in Chase Identity Protection?
   
4. Please explain the services the Chase Identity Protection program provides.
   
5. Will affected customers enrolled for one year in Chase Identity Protection automatically be subject to a charge for services once the free enrollment term has expired, or will the service automatically be discontinued (i.e., will the customer have to affirmatively renew the service after the one year expiration)?

A copy of the letter can be found here.