Capital One Credit Card data breach affects its 100 million customers

Virginia based Financial Corporation ‘Capital One’ which specializes in auto loans and credit card service offerings has made it official that a hacker had accessed credit card details of more than 100 million of its customers and probably could have taken information regarding their social security numbers and other bank details.

The recently disclosed hack of Capital One could turn into one of the largest data breaches of this year and possibly all times.

FBI is said to have taken a woman named Paige A Thompson from Seattle in this regard as more details are awaited!

“I am happy because the perpetrator has been caught, but at the same time deeply sorry for what has happened”, said Richard D Fairbank, the Chairman and the CEO of Capital One.

Security researchers say that the cyber incident and its disclosure could cost the McLean based company over $150 million which includes credit monitoring service offering to its customers for free, share market crisis after disclosure, loss of reputation in the market and such.

Capital One data breach disclosed by the company officials confirms that no log-in credentials of the credit cards were compromised in the incident and the exposed details related to social security numbers was meager.

When the female suspect was presented in the court last week, Ms. Thompson agreed that the way she has acted was illegal and she recognized her deeds as a crime. Till further investigation is conducted, she was sentenced to jail for a fortnight.

A few weeks back, Paige A Thompson whose online name was “Erratic” is said to have posted on her social media account that she had access to the database of Capital One Credit Card customers. This attracted the attention of law enforcement who laid a honey trap to arrest her last week.

Note 1- On July 17th this year, a hacker alerted the authorities of Capital One of the data breach and posting of data on a technology discussion forum. This made the bank authorities report the incident to the FBI who caught hold of Thompson within two days.

Note 2- Ms. Thompson is said to have accessed data related to over 140,000 social security numbers and info related to more than 77,000 accounts of credit card users from the said bank.

Note 3- Whether the hacker succeeded in selling that data in the dark world is yet to be probed.

Note 4- Paige A Thompson was a former Amazon Web Services Engineer who reportedly stole the info from Capital One’s AWS Cloud Server. Highly placed sources say that she already knew about the technicalities to break into the secured server. But whether she succeeded in breaking the encryption is yet to be probed.

Note 5- As per a source reporting to Cybersecurity Insiders, the fault was not with the Amazon Storage Services and was probed to be with the way Capital One’s IT staff was using the storage buckets with a firewall misconfiguration.

Ad
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display