US officials investigating the data breach at JPMorgan are expected to file a criminal complaint against the hackers in the coming months, breaking the regular pattern of investigative dead ends in large corporate breaches.
The New York Times, citing people briefed on the investigation, reported that Federal authorities were increasingly confident of finding the criminals and bringing them before the law.
Law enforcement officials believe that several of the suspects are "gettable", as they live in a country with which the US has an extradition treaty.
Media reports earlier said a group of Russian hackers were behind the cyber-attack on JPMorgan and other banks. The US does not have an extradition treaty with Russia.
Possible arrests of the hackers would be a notable victory for US officials, as they were unable to catch wrongdoers in similar hacking attacks on large companies, including the ones at retailers Target, Home Depot and eBay.
Sources told the newspaper the case was advancing quickly, as the attack was not as sophisticated as initially believed, and law enforcement authorities were able to identify at least some suspects early on.
In addition, law enforcement officials made the investigation a top priority as the banking system has been declared critical infrastructure in the US, requiring additional protection from digital attacks.
In October 2014, JPMorgan announced that it had suffered a massive hacking attack, which resulted in hackers gaining access to email addresses and phone numbers of 83 million households and small businesses. The attack was one of the largest of its kind, and it revealed to the world that the American financial system was vulnerable.