Disclosure: The Points Pundit retains 100% editorial control and receives NO compensation from affiliate partnerships for the content on this blog. Support the blog by applying for a card through my personal referral links, at no extra cost to you.

 

Close on the heels of what happened with Equifax, we’re experiencing one more major security incident in the world of personal finance. One of the major credit card issuers, Capital One, was recently hacked.

Capital One Data Breach

The accused, Paige Thomson, broke into a Capital One server and gained access to over 140,000 Social Security Numbers, 1 Million Canadian Social Insurance Numbers and 80,000 Bank account numbers. She also gained access to a massive trove of data containing people’s names, addresses, credit scores, credit limits and balances.

The 33 year old woman from Seattle worked for a cloud hosting company that Capital One was using. She gained access to the data by breaking through a misconfigured web application firewall. The DOJ confirmed the news of her arrest on Monday. The actual hack occurred on March 22 and 23.

Investigation and arrest

As per this report by CNN, it seems like Paige wasn’t really careful while trying to get away with this crime.

The criminal complaint against Thompson paints a picture of a less-than-careful suspect. Thompson posted the information on GitHub, using her own name, the complaint says, adding that she also indicated on social media that she had Capital One information.
The FBI special agent who investigated Thompson believes Thompson tweeted that she wanted to distribute Social Security numbers along with full names and dates of birth.

Capital One’s Response

After the news broke out, Capital One responded with a press release confirming the incident. As per the press release, they only discovered the occurrence of the incident on July 19.
Capital One immediately fixed the configuration vulnerability that this individual exploited and promptly began working with federal law enforcement. The FBI has arrested the person responsible and that person is in custody.

The Chairman and CEO Richard D. Fairbank put out a statement as well:

While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.

The bank expects the hack to cost them anywhere between 100-150 million dollars.

The Pundit’s Mantra

This hack further exposes the vulnerability of our data. Such incidents shine a light on how our information may not be safe. One can only imagine how much of this information will keep floating around the dark web. We should also note here that it took Capital One 3 months to identify the occurrence of this incident.

What precautions do you take to keep your personal information safe? Let us know in the comments section.

Never miss out on the best miles/points deals. Like us on Facebook ,follow us on Instagram and Twitter to keep getting the latest content!