• 21 hours Want A Job? Forget About A Bachelor’s Degree
  • 1 day Another Major Car Maker Is Backing Hydrogen
  • 2 days Are Americans Finally Sold On Soccer?
  • 2 days Is The Tech Bubble About To Burst?
  • 3 days Coronavirus Could Cost Tourism Industry $80 Billion
  • 3 days What Web Traffic Trends Can Tell Us About The World
  • 3 days Miners Face Greater Headwinds
  • 4 days Boris Johnson Proposes Billion Dollar Bridge To Northern Ireland
  • 5 days Goldman Slashes Oil Price Forecast By $10
  • 6 days Tesla Raises $2 Billion In Share Selloff
  • 7 days What The T-Mobile Takeover Of Sprint Really Means For Markets
  • 7 days The U.S. Has Charged Huawei With Racketeering And Conspiracy
  • 7 days How Hydrogen Could Become The Fuel Of The Future
  • 8 days Millennials Can’t Retire, But They’ll Still Have To Help Their Parents
  • 8 days This Gold Miner Just Increased Its Dividends By 40%
  • 8 days Airbnb IPO Under Threat As China's Economy Drags
  • 9 days The Infamous Equifax Hack Just Became A National Security Issue
  • 9 days BHP Takes The Crown As World’s Top Copper Miner
  • 9 days Tesla Reopens Chinese Factory After Coronavirus Scare
  • 10 days Armed Troops Storm El Salvador’s Parliament
The Politics Of Love In The Digital World

The Politics Of Love In The Digital World

Political campaigners across the country…

The Lucrative New Tech Hijacking Your Privacy

The Lucrative New Tech Hijacking Your Privacy

Privacy advocates say facial recognition…

Mobile Bank Startup Is Bent On Disrupting Big Finance

Mobile Bank Startup Is Bent On Disrupting Big Finance

European mobile bank startup N26…

  1. Home
  2. Tech
  3. Tech News

Lone Hacker Taps Data Of 100 Million Capital One Customers

hacker

A lone hacker has accessed the personal data of more than 100 million customers of America’s fifth-largest credit card issuer, Capital One, in the biggest data breaches ever in the financial services sector.

According to the bank and the US Department of Justice, a 33 year-old software engineer in Seattle, Paige Thompson, hacked into a server holding customer information for Capital one and gained access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers.

And she had plenty of time: Investigators said Thompson access that server from March 12 to July 17. 

If found guilty, she could face a sentence of up to five years in prison and a $250,000 fine, arguably a fairly small price to pay for the amount of data stolen.

So, are you a Capital One customer? And if so, are you at risk?

Yes, if you applied for a credit card from the US bank between 2005 through 2019, according to a Capital One  statement.

But the bank says that credit card account numbers were not part of the data heist. And even though 140,000 Social Security Numbers were breached, Capital One points out that over 99% of Social Security numbers were not affected.

"No credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised," Capital One stated.

However, the breach did include names, addresses, ZIP codes, phone numbers, email addresses and birthdates.

Capital One said it would notify people affected by the breach and will make free credit monitoring and identity protection available.

The company expects the hack will cost it approximately $100 million to $150 million, which includes the cost of notifying customers, credit monitoring, tech costs and legal support.   Related: Another Surprising Industry Falls Victim To Ongoing Trade War Chaos

"While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened," said Richard D. Fairbank, chairman and CEO, in a statement. "I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right."

Thompson, the hacking suspect, previously worked for Amazon Web Services, which hosted the Capital One database.

Thompson has been arrested and charged with one count of computer fraud and abuse. Investigators were able to identify her because she left an online footprint and boasted about the hack.

The Justice Department has referred to Thomspon as “erratic”. 

Thompson posted the information on GitHub, using her own name, adding that she also indicated on social media that she had Capital One information.

The FBI noticed her activity on Meetup and used it to trace her other online activities, eventually linking her to posts describing the data theft on Twitter and Slack.

“I’ve basically strapped myself with a bomb vest,” Thompson wrote in a Slack post, according to prosecutors, “dropping capital ones dox and admitting it.”

This latest hack follows a massive data breach at Equifax data breach in 2017 involving the Social Security numbers and home addresses of nearly 148 million Americans.

Equifax has agreed to pay at least $575 million and $700 million to the US Federal Trade Commission, the Consumer Financial Protection Bureau, 48 states, DC and Puerto Rico over the breach.

Initially, there would be a $300-million fund to compensate affected consumers who purchased credit-monitoring services from Equifax. Equifax will also pay $175 million to states and districts, and $100 million in civil penalties to the Consumer FInancial Protection Bureau.

By Michael Kern for Safehaven.com

More Top Reads From Safehaven.com

Back to homepage

Leave a comment

Leave a comment