The raid gathered account holders names and addresses but the bank said it did not involve critical information such as account and social security numbers.
It said in a filing with the Securities and Exchange Commission (SEC) that it had not seen any "unusual customer fraud related to this incident".
JP Morgan is the US's biggest bank.
Earlier this year there were reports that Russia had hacked into its systems.
In August the bank said it was co-operating with law enforcement officials over this suspected incident.Passwords
The bank said that "customers [whose accounts had been hacked] are not liable for unauthorized transactions on their account that they promptly alert the firm to".
JP Morgan says it is unlikely customers will need to take any action, such as changing their passwords or account information.
Its company spokeswoman, Patricia Wexler, said that the bank is not offering credit monitoring to customers either because it does not believe any financial information, account data or personally identifiable information was taken.
Other major US firms, including Home Depot and Target have been the subject of similar widescale attacks.
The Home Depot breach affected 56 million customer payment cards, while Target saw credit card data for 40 million customers stolen, as well as personal and identification information for 70 million other customers.