Capital One said Monday that in a huge data theft that led to the arrest of a Seattle woman, private information, including social security and bank account numbers of more than 100 million people, was compromised.
According to research, Paige A. Thompson, 33, a former software engineer, has been charged with stealing information from Capital One credit card apps in what is one of the top 10 information breaches ever.
On Monday, the FBI detained Thompson for theft showing court documents that took place between March 12 and July 17. Social security and bank account numbers were among the information supposedly gathered from a company’s cloud-based server.
Thompson produced her initial appearance in the United States, according to the Department of Justice. Seattle District Court and was arrested pending a hearing on 1 August. Up to five years in prison and a $250,000 fine are punishable by computer fraud and abuse.
The bank said that private data, including names, addresses, phone numbers, email addresses, birth dates, and self-reported earnings, was “the biggest category of data” accessed by candidates who applied for credit cards between 2005 and 2019.
Approximately 140,000 social security numbers and 80,000 credit card customer bank account numbers were accessed, said Capital One.
Other information acquired includes credit scores, constraints, balances, and “transaction information fragments from a total of 23 days in 2016, 2017, and 2018.” Capital One said in a news release that “100 million people in the U.S. and about 6 million people in Canada” were impacted. The bank also set up on capital one a consumer website about the infringement.
The violation was found on July 19 and the firm said it “instantly corrected the vulnerability that this person exploited and instantly started working with federal law enforcement.” “While I am thankful that the perpetrator was captured, I am deeply sorry for what occurred,” said Richard D. Fairbank, Chairman, and CEO of Capital One in a declaration. “I apologize sincerely for the understandable concern that this event must cause those impacted and I am committed to correcting it.”
Last week, Equifax reached an agreement on the 2017 violation with the Federal Trade Commission, the Consumer Financial Protection Bureau and 50 countries that impacted about 147 million Americans.
The agreement calls for Equifax to pay at least $575 million, including $300 million for free credit monitoring facilities, $175 million for countries, Columbia District and Puerto Rico, and $100 million in CFPB penalties.
And Monday, a data breach was recorded by the Los Angeles Police Department exposing thousands of policemen and applicants private information.
Capital One said the event will cost between $100 million and $150 million in 2019 in the release. Everyone impacted will have free credit monitoring and identity protection, the business said.
Matt Schulz, the Chief business analyst, said the violation is “another reminder of why building fraud detection checks into your daily routine is so essential.” He said bank accounts linked to secured loan cards were also compromised.
“These cards are favorites for those who start with a credit or reconstruct their credit and often have a very little economic margin for the mistake,” said Schulz. “There may not be an enormous quantity of cash in these accounts, but keeping as close a watch for fraud as any other form of loan cardholder is very essential for cardholders with those accounts.”