Capital One Provides Initial Details on Hack of Credit Card Customers’ Personal Data

Paige A. Thompson, Capital One hacker suspect
Paige A. Thompson, Capital One hacker suspect.

A letter dated Monday July 29, 2019 by Capital One Financial Corporation (NYSE: COF) announced that on July 19, 2019, the banking company determined there was unauthorized access by an outside individual who obtained certain types of personal information relating to people who had applied for its credit card products and to Capital One credit card customers.

Capital One immediately fixed the configuration vulnerability that this individual exploited and promptly began working with federal law enforcement. The FBI has arrested the person responsible. Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual. However, we will continue to investigate.

Info about Suspect

The FBI has arrested the person, reportedly in Seattle, identified as Paige A. Thompson, a former employee of Amazon Web Services, was arrested on charges of computer fraud and abuse Monday, July 29, 2019. Prosecutors say the hack took place between March 12 and July 17.

— General News Summary

“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman and CEO. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

Based on our analysis to date, this event affected approximately 100 million individuals in the United States and approximately 6 million in Canada.

Importantly, no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised.

The largest category of information accessed was information on consumers and small businesses as of the time they applied for one of our credit card products from 2005 through early 2019. This information included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.

Beyond the credit card application data, the individual also obtained portions of credit card customer data, including:

– Customer status data, e.g., credit scores, credit limits, balances, payment history, contact information

– Fragments of transaction data from a total of 23 days during 2016, 2017 and 2018

No bank account numbers or Social Security numbers were compromised, other than:

– About 140,000 Social Security numbers of our credit card customers

– About 80,000 linked bank account numbers of our secured credit card customers

For our Canadian credit card customers, approximately 1 million Social Insurance Numbers were compromised in this incident.

We will notify affected individuals through a variety of channels. We will make free credit monitoring and identity protection available to everyone affected.

Safeguarding applicant and customer information is essential to our mission and our role as a financial institution. We have invested heavily in cybersecurity and will continue to do so. We will incorporate the learnings from this incident to further strengthen our cyber defenses.

The investigation is ongoing and analysis is subject to change.




MORE INFO BELOW ADS …




^^ MOBILE? USE VOICE MIC ^^

 facebook … 

GET ALERTS on Facebook.com/ArlingtonCardinal

GET ALERTS on Facebook.com/CardinalEmergencies

GET ALERTS on Facebook.com/ArlingtonHeightsCrime

Please ‘LIKE’ the ‘Arlington Cardinal Page. See all of The Cardinal Facebook fan pages at Arlingtoncardinal.com/about/facebook …


Help fund The Cardinal Arlingtoncardinal.com/sponsor


THANKS FOR READING CARDINAL NEWS

Paige A. Thompson, Capital One hacker suspect
Paige A. Thompson, Capital One hacker suspect.