Capital One Data Breach

Capital One is one of the biggest banks in the United States. So, when the news broke of their data breach yesterday (July 29, 2019) customers and the population in general began to panic. 

 

What Happened?

To begin, Capital One released a statement informing customers and the public of a data breach. In the statement, the bank reported that roughly 100 million US customers and 6 million Canadian customers were among the affected in the data breach.

The customer information at risk includes, “credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, and self-reported income”.

Continuing, within that range of customers, Capital One said that, (directly quoted)

 

No bank account numbers or Social Security numbers appear compromised, other than:

• About 140,000 Social Security numbers of our credit card customers.

• Around 80,000 linked bank account numbers of our secured credit card customers.

 

All in all, this is their way of trying to deduce the severity of the breach. 

 

How did the attack occur?

After reviewing several articles, and the press release directly from Capital One, here is a break down of how the attack happened.

Transcribed in Capital One’s press statement, they said that the attack began with, “unauthorized access by an outside individual”. 

The outside individual has been identified as 33 year old, Paige A. Thompson. Paige Thompson is a software engineer from Seattle, who formerly worked for Amazon on AWS. 

Thompson was able to utilize a misconfiguration in a firewall to gain access to Capital One customer information. 

Before the attack, several signs and conversations about her plan appeared on various media platforms. The sites included GitHub, Slack and MeetUp. Posts on the various sites are what had initially pointed law enforcement her way. Thus allowing officials to make the arrest. 

Further, law enforcement took Thompson into custody on Monday (July 29, 2019). Subsequently, she has been charged with a single count of computer fraud, a maximum sentence of five years in prison and a $250,000 fine as reported by BBC News. 

 

What does this mean for the affected Capital One Customers?

In short, within the wake of the breach, Capital One is moving further with an investigation into the attack as well as the security of all their systems.

As a result, the bank currently notifying all affected account owners. This is in addition to offering free credit monitoring and identity protection to customers. 

If you are a Capital One card holder or customer, make sure you follow the correct procedure to file a claim and secure your account. 

Threat actors are taking advantage of the situation by creating malicious websites posing to be a claim site for Capital One. 

 

To make sure you do not fall victim to additional attacks (while filing a claim or looking for information) keep the next few steps in mind.

• Check all URLs and links to make sure the site is secure and validated.
• Look for correct spelling on web pages. Fake ones will have a slightly incorrect spelling in order to still appear in searches.
• Go directly to the Capital One website for information on press statements and claim procedures.

 

By Taylor Ritchey