Capital one, a bank holding company, recently faced a significant data breach that took place in March 2019. This enormous breach included the personal information and credit card details of 106 million people, 100 million from the United States, and 6 million based in Canada.
The breach also included the information of customers that applied for credit card between the year 2005 and 2019.
After the breach, the bank holding company assured its users that their credit card account numbers or their login credentials were not compromised in this breach.
What was the Vulnerability in their System?
The hacker exploited some configuration vulnerability in Capital One’s system. This vulnerability caused a colossal data breach. The breach happened back in March between the 22nd and 23rd of March, but the company figured it out on 19th July.
Just after knowing about the issue, Capital One’s security team figured out the vulnerability in the configuration, and they readily fixed it and, said that there is no other loophole in their system and they scan their systems regularly.
Moreover, the company said that they would notify those people who are affected, and those individuals will be provided with identity protection and free credit monitoring.
Impact of the breach on the Customers
According to the bank holding company, no social security or bank account numbers were compromised other than 80,000 linked bank account numbers of customers with a secured credit card and about 140,000 social security numbers of credit card users were breached.
The other personal information of some customers like date of birth, address, credit-limits, contact-information, payment-history, etc. was also breached.
Hacker got arrested and charged for his crime
The FBI arrested the hacker named, “Paige Thompson” for committing this cybercrime. The cyber-criminal was a former Amazon Web Services software engineer that had previously worked for the Capital One contractor back in the year 2015-16. It is said in the Court Documents that the hacker talked about this breach on an online forum.
After being arrested by the FBI, she was taken to the U.S. District Court on Monday. The next hearing in the District Court is expected on 1st August 2019.
For this computer fraud and abuse, she was fined $250,000 and five years in prison. She used the TOR browser with a VPN to remain anonymous, but she was traced at the end and caught by the FBI.
Said by Chairman and CEO, Fairbank in a Press Release
More on this Issue: https://www.capitalone.com/facts2019/
For Canadian Users: https://www.capitalone.ca/facts2019/