Blog

Hack of Capital One Exposes Information on 100,000 Customers

Hack of Capital One Exposes Information on 100,000 Customers

Capital One is one of the largest credit card issuers in the world. On July 29th 2019, Capital One made an announcement, confirming it is the victim of one of the largest data breaches in financial sector history, as a former software engineer for Amazon has been indicted on charges related to the hacking.

Here’s what we know:

Capital One has admitted that the personally identifiable information (PII) of over 100 million American and Canadian credit applicants’ information has been exposed. The company did admit that no credit card account numbers or authentication credentials were compromised in the hack. They also go on to mention that in 99 percent of the files, social security numbers were not compromised. The largest category of information that was accessed were individual and small business credit applications that span from 2005 to 2019.

The perpetrator, Paige Thompson of Seattle, Washington, was a former software developer for Amazon Web Services (AWS), which took advantage of a firewall misconfiguration to gain access to the information, AWS confirmed Monday. The flaw came as a result of a setup error and not a flaw within the massively popular AWS.

The breach happened on March 22 to 23, 2019. Thompson was apprehended as a result of being reported to Capital One for storing incriminating evidence on her Github and Slack accounts. Capital One contacted the FBI on July 19, 2019 and after a short investigation, Thompson was arrested and indicted by the Western District of Washington.

The CEO of Capital One, Richard Fairbank released the following statement:

“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

For a full report of the event, visit: https://www.capitalone.com/facts2019/

Capital One has said that it will inform you if you have been a victim of this massive attack, but if like many of us, too much is at stake to wait for the company to reach out to you, you can take some immediate steps to safeguard your personal information.

  • Check your accounts - Account monitoring and fraud detection should be a major part of any action you take to secure personal information.
  • Change passwords - One great way to at least feel more secure after a major hack like this is to immediately change your passwords.
  • Freeze your credit report - One option you can take to protect yourself is to freeze your credit report, this won’t let any credit reporting services check your credit, meaning if someone were to try to take money out in your name that the banks wouldn’t be able to authorize credit.
  • Avoid scams - A big part of keeping any data secure is to not give unauthorized parties access to it. That means avoiding phishing attacks and other scams.
  • Continued vigilance - Vigilance over your account information, your personally identifiable information, and your overall financial health is more important than ever. As mentioned above, credit monitoring and fraud detection services give users tools to combat unauthorized access.

Keeping yourself and your business secure online is more difficult than ever. To learn more about data security, subscribe to our blog.

Related Posts

Starting in 2008, Verizon has produced a report outlining the cybersecurity incident trends that the previous year demonstrated. In doing so, they have provided a resource that gives businesses greater insights into where their cybersecurity efforts ...
A security audit is designed to test the overall integrity of your business when it comes to its IT security. In today’s environment, businesses need to have strengthened fortifications in place to protect themselves from cyberthreats, and these fort...
Conferencing has been an important tool for businesses as stay-at-home orders have moved their operations out of the office and into worker’s homes. While there are dozens of video conferencing solutions on the market, businesses should consider secu...
All types of businesses use cloud resources as a part of their IT infrastructure. It allows them to turn what was once a major capital expenditure into a controllable operating cost; and, it does it while offering solutions to almost any business pro...

Quick question. If I were to ask you, on the spot, to tell me where all of your company data is, right this moment, could you tell me with absolute confidence? What if I could prove you wrong?

The growing popularity of ransomware has been disconcerting to many IT professionals, particularly due to the different tactics that this malware variant has been spotted utilizing. In order to protect your business from these attacks, it helps to kn...
Businesses are looking to technology more than ever in a constant attempt to improve productivity and efficiency. One problem that some businesses face is that their staff isn’t exactly technologically savvy, making them difficult to communicate with...
Manufacturers are interesting businesses. Not only do they depend on manpower and technology to produce goods, they also rely on IT to power processes, manage their supply chain, and enhance organizational efficiency. With October being Cybersecurity...
With cybersecurity talent at such a critical shortage, data breaches that expose millions of people’s sensitive information are routine occurrences. It is one of the biggest problems that the modern business faces. Since shortages have businesses of ...
It’s not uncommon where a situation arises and you will find yourself working from home. To make this work, it is important that you keep a few additional issues in mind so that you can make the most of it. We have put together a few simple best prac...
Cybersecurity should always be a priority for a business, and cyber criminals are always evolving their tactics. As a result, it pays to keep an eye on the horizon for the next looming threats. Here, we’re reviewing a few threats that cybersecurity p...
Nearly everyone uses Google in some way or another. The search engine is, by far, the most common way people get answers and find content online. The margins aren’t even close, either. Currently, Google handles about 90% of search queries, while the ...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our office in NH.  For locations outside of our service area, we will manage a local vendor to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services
33 Main Street, Suite 302
Nashua, New Hampshire 03064

 

603-889-0800

map nashua4 1

 

Open Positions