Capital One is reporting a massive data breach affecting 100 million people in the US that exposed the names, addresses, phone numbers and email addresses they used on their credit card applications. The announcement has come after the alleged hacker, an ex-AWS employee was arrested and charged with a single count of computer fraud. Prosecutors alleged that the access to the bank data came through a misconfigured firewall protecting one of its applications.
- About 100m individuals based in the US and 6m in Canada had their information compromised in the breach. About 1.1m Social Security Numbers and 80,000 linked bank account numbers were also accessed
- The breach took place in late March but was not discovered until this month
- The data theft revelations come just days after the credit reporting agency Equifax agreed to pay almost $800m in a record US settlement after a 2017 hack that exposed the personal data of close to 150m people
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
