Hacker Hits 100 Million People in Capital One Data Breach
Another data breach is hitting 100 million people.
Capital One Financial Corporation announced that a hacker obtained personal information from people who applied for its credit card products and to Capital One credit card customers. It happened on March 22 and 23, but wasn't noticed until July 19.
The FBI arrested and charged Paige Thompson with computer fraud and abuse, in what the the Washington Post is calling "the largest data breach ever to hit a financial services firm."
"While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened," said Richard D. Fairbank, Chairman and CEO. "I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right."
100 million in the U.S. and 6 million more in Canada were affected. "It is unlikely the information was used for fraud or disseminated by this individual. However, we will continue to investigate," Capital One promised. "Importantly, no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised."
The information accessed was mainly from customers and small businesses who applied for credit card products from 2005 through early 2019, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.
Beyond the credit card application data, the individual also obtained portions of credit card customer data, including:
*Customer status data, e.g., credit scores, credit limits, balances, payment history, contact information
*Fragments of transaction data from a total of 23 days during 2016, 2017 and 2018
No bank account numbers or Social Security numbers were compromised, other than:
*About 140,000 Social Security numbers of our credit card customers
*About 80,000 linked bank account numbers of our secured credit card customers
Capital One plans to notify everyone affected and make free credit monitoring and identity protection available. Customers are also advised to monitor their credit card accounts for suspicious activity. "Safeguarding applicant and customer information is essential to our mission and our role as a financial institution. We have invested heavily in cybersecurity and will continue to do so. We will incorporate the learnings from this incident to further strengthen our cyber defenses."
Learn more at Capitolone.com/facts2019 or call 1-800-227-4825 to speak with a Capital One agent.