A software engineer in Seattle was able to hack into the records of a total of 100 million Capital One customers. According to reports, Paige A. Thompson tried to share the information with members of an online chat group. She was arrested by the Federal Bureau of Investigations.
"This news proves once again there’s no failproof when it comes to cybersecurity,” said Adam Levin, founder of CyberScout. "The threats are as persistent as our efforts to thwart them are relentless, but data breach and compromise are the third certainty.”
The list of compromised data reads like a privacy advocates worst case scenario. According to a company release, it included in some cases credit scores, credit limits, balances, payment history, and contact information.
Fragments of transaction data from a total of 23 days during 2016, 2017 and 2018 were also compromised as were the Social Security numbers of approximately 140,000 Capital One credit card customers, “about 80,000 linked bank account numbers of the company’s secured credit card customers.” Additionally, approximately one million Canadian Social Insurance Numbers were exposed.
The company says 100 million individuals were affected in the United States, and another 6 million in Canada. The information exposed was provided to the company at the time of application for credit. According to the company release, “This information included…names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income.”
The Equifax data breach settlement of $700 million barely left the news cycle. 150 million individuals were affected in that breach. Initial numbers often change in breach situations, so the 100 million reported here may increase. At any rate, the breach is profound and will be costly.
Capital One estimates the cost in the near term to be between $100 to $150 million in 2019. Read more here.