Capital One is one of the biggest credit card issuers in the world. On July 29th, 2019, Capital One confirmed that it is the victim of one of the largest data breaches in the history of the financial sector. A former software engineer of Amazon has been indicted on hacking charges.
MyTek will give full details regarding the hacking incident and its implications.
Here are the initial details:
Capital One has exposed personally identifiable information (PII) of over 100 million Canadian and American applicants. But no credit card numbers or authentication credentials were compromised. Thankfully, in the case of 99% of the files, no social security numbers were put at risk. However, small business and individual credit applications from 2005-2019 form the largest category of hacked data.
The perpetrator of the hacking incident, Paige Thompson of Seattle, Washington, was a former software developer for Amazon Web Services (AWS), who took advantage of a firewall misconfiguration to access sensitive information. On Monday, AWS confirmed that the flaw resulted from a setup error and not because of the AWS system problems.
The data breach took place from March 22 – 23, 2019. Thompson was arrested after being reported to Capital One for storing sensitive information on her Slack and Github accounts. Capital One reported the incident to the FBI on July 19, 2019. After a short investigation by the FBI, the Western District of Washington arrested and indicted Thompson.
The CEO of Capital One, Richard Fairbank, gave the following statement:
“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected, and I am committed to making it right.”
For more information about the incident, visit: https://www.capitalone.com/facts2019/
Capital One says it will inform you if you have been a victim of this massive hacking incident. However, if the waiting time is too much before the company reaches out to you, you can safeguard your personal information through some crucial tips.
- Regular Account Monitoring – With regular account monitoring, you can detect frauds at the earliest and take preventive measures.
- Frequently change your passwords – Change your password immediately. Make a habit of changing passwords every month at least. In this way, you reduce the risk of hackers guessing your password.
- Immediately freeze your credit report – By freezing your credit report, you can prevent hackers from withdrawing money with unauthorized entry. The credit card company will automatically block the details before the hacker can lay hands on them.
- Avoid unauthorized data access – Do not give anyone unauthorized access to your data like login details. You can easily safeguard your information with a two-factor authentication system, thereby avoiding phishing and ransomware.
- Ongoing vigilance – Ensure that you regularly monitor your account information, financial health, and personally identifiable information. With fraud detection and credit monitoring services, you can effectively tackle unauthorized access to your systems.
Keeping your business secure online is getting challenging day by day. To learn more about your sensitive data, subscribe to MyTek’s blog.