Capital One says 106 million people's information hacked

Andrew Cummings
July 30, 2019

A solo hacker broke into the servers of Capital One Financial Corporation and accessed data pertaining to 106 million credit-card applicants from the United States and Canada, Capital One announced today (July 29) after the close of stock trading in NY.

The vulnerability was reported to the company by a security researcher on July 17, and the breach was discovered on July 19.

The Federal Bureau of Investigation (FBI) has arrested the hacker, named Paige Thompson, behind the data breach, in Seattle. She appeared in court on Monday and is scheduled for a detention hearing on Thursday.

SEATTLE-A hacker gained access to personal information from more than 100 million Capital One credit applications, the bank said on Monday, July 29, as federal authorities arrested a suspect in the case.

About 140,000 social security numbers and 80,000 linked bank account numbers were compromised, Capital One said.

"While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened", said Capital One CEO and chairman Richard Fairbank. "I sincerely apologize for the understandable worry this incident must be causing those affected".

Also exposed were customer status data, such as credit limits, scores, balances and payment history.

Thompson boasted about the hack in a Slack room, and a search warrant executed on her house turned up storage devices containing data from the breach.

The incident is expected to cost between $100 million and $150 million in 2019, mainly because of customer notifications, credit monitoring and legal support, Capital One said.

The breach in total affected about 100 million people in the USA and 6 million in Canada.

According to the news release, the company believes the person likely didn't use the information for fraud, nor did they release the information.

Thompson faces up to five years in prison and a $250,000 fine if convicted of on the charge of computer fraud.

Capital One Financial Corp., the nation's seventh-largest commercial bank with $373.6 billion in assets as of June 30, is the latest USA company to suffer a major data breach in recent years.

Investigators say they verified Thompson's online persona after she posted a photo of an invoice she had gotten from a veterinarian looking after one of her pets.

This report comes in the wake of news that Equifax may have to pay up to $700 million over a 2017 data breach, according to CNET. An internet Good Samaritan saw the post and informed Capital One about the data theft.

Other reports by iNewsToday