• 3 days Chinese Stocks Rebound After Regulatory Scare
  • 5 days Apple Stocks Falls After Blowout Earnings Report
  • 5 days The 5 Biggest IPO Disasters Of 2021
  • 6 days Crypto-Based ‘Shadow Financial Market’ Spooks Regulators
  • 9 days Ireland Balks At Biden’s Global Tax Plan
  • 12 days Robinhood To Trade On Nasdaq Targeting $32B Valuation
  • 15 days Facial Recognition Is Watching You
  • 17 days Biden’s $3.5T ‘Human Infrastructure’ Workaround
  • 17 days The Fed’s $3 Trillion Headache
  • 20 days Why Bitcoin Could Struggle To Recover After Epic Crash
  • 20 days Wells Fargo Back In The Spotlight Over Personal Loan Cancellations
  • 21 days Delta Variant Real Threat To Economic Recovery
  • 24 days JEDI Drama Continues With Microsoft Contract Cut
  • 26 days DiDi Shares Take a Beating From Chinese Regulators
  • 27 days Thousands Of Companies Hit In Latest Ransomware Attack
  • 27 days Jobs Report Has Big Numbers, But Still Big Problems
  • 28 days Robinhood’s ‘Mission’ Questioned in $70M Fine
  • 31 days Didi Just Went Public, And Uber Is Loving It
  • 32 days Islamic Finance On Track To Hit $3.7 Trillion
  • 33 days The Lumber Bubble Is Bursting
Thousands Of Companies Hit In Latest Ransomware Attack

Thousands Of Companies Hit In Latest Ransomware Attack

A Russia-linked hacker group REvil…

TikTok’s 11th-Hour Reprieve

TikTok’s 11th-Hour Reprieve

U.S. President Donald Trump appears…

  1. Home
  2. Tech
  3. Tech News

Lone Hacker Taps Data Of 100 Million Capital One Customers

hacker

A lone hacker has accessed the personal data of more than 100 million customers of America’s fifth-largest credit card issuer, Capital One, in the biggest data breaches ever in the financial services sector.

According to the bank and the US Department of Justice, a 33 year-old software engineer in Seattle, Paige Thompson, hacked into a server holding customer information for Capital one and gained access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers.

And she had plenty of time: Investigators said Thompson access that server from March 12 to July 17. 

If found guilty, she could face a sentence of up to five years in prison and a $250,000 fine, arguably a fairly small price to pay for the amount of data stolen.

So, are you a Capital One customer? And if so, are you at risk?

Yes, if you applied for a credit card from the US bank between 2005 through 2019, according to a Capital One  statement.

But the bank says that credit card account numbers were not part of the data heist. And even though 140,000 Social Security Numbers were breached, Capital One points out that over 99% of Social Security numbers were not affected.

"No credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised," Capital One stated.

However, the breach did include names, addresses, ZIP codes, phone numbers, email addresses and birthdates.

Capital One said it would notify people affected by the breach and will make free credit monitoring and identity protection available.

The company expects the hack will cost it approximately $100 million to $150 million, which includes the cost of notifying customers, credit monitoring, tech costs and legal support.   Related: Another Surprising Industry Falls Victim To Ongoing Trade War Chaos

"While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened," said Richard D. Fairbank, chairman and CEO, in a statement. "I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right."

Thompson, the hacking suspect, previously worked for Amazon Web Services, which hosted the Capital One database.

Thompson has been arrested and charged with one count of computer fraud and abuse. Investigators were able to identify her because she left an online footprint and boasted about the hack.

The Justice Department has referred to Thomspon as “erratic”. 

Thompson posted the information on GitHub, using her own name, adding that she also indicated on social media that she had Capital One information.

The FBI noticed her activity on Meetup and used it to trace her other online activities, eventually linking her to posts describing the data theft on Twitter and Slack.

“I’ve basically strapped myself with a bomb vest,” Thompson wrote in a Slack post, according to prosecutors, “dropping capital ones dox and admitting it.”

This latest hack follows a massive data breach at Equifax data breach in 2017 involving the Social Security numbers and home addresses of nearly 148 million Americans.

Equifax has agreed to pay at least $575 million and $700 million to the US Federal Trade Commission, the Consumer Financial Protection Bureau, 48 states, DC and Puerto Rico over the breach.

Initially, there would be a $300-million fund to compensate affected consumers who purchased credit-monitoring services from Equifax. Equifax will also pay $175 million to states and districts, and $100 million in civil penalties to the Consumer FInancial Protection Bureau.

By Michael Kern for Safehaven.com

More Top Reads From Safehaven.com

Back to homepage

Leave a comment

Leave a comment