Capital One announced data breach2019-07-30 17:18 by Daniela
In one of the biggest data breaches ever, a hacker gained access to more than 100 million Capital One customers' accounts and credit card applications earlier this year. The bank announced the hack the same day the FBI arrested a suspect, Paige A. Thompson, who worked for Amazon Web Services years before the digital theft took place.
The breach compromised names, addresses, phone numbers, emails, dates of birth, and self-reported incomes. Capital One's press release also claims that 140,000 US Social Security numbers, 80,000 bank account numbers, and 1 million Canadian social insurance numbers were also compromised. Most of the compromised information came from consumers and small businesses that applied for a credit card between 2005 and 2019.
"The intrusion occurred through a misconfigured web application firewall that enabled access to the data," a statement by the US attorney's office in Washington said. "On July 17, 2019, a GitHub user who saw the post alerted Capital One to the possibility it had suffered a data theft."
"Capital One immediately fixed the configuration vulnerability that this individual exploited and promptly began working with federal law enforcement. The FBI has arrested the person responsible and that person is in custody. Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual. However, we will continue to investigate," the firm said in a statement.
Read more -here-