Saturday, May 17, 2025
HomeCyber Security NewsCapital One Hacked - Over 100 Million Credit Card Application Data Exposed

Capital One Hacked – Over 100 Million Credit Card Application Data Exposed

Published on

SIEM as a Service

Follow Us on Google News

Capital one hacked, the hack exposed more than 100 million customers data across the US and Canada. The breach was learned by Capital One Financial Corporation on July 19, 2019.

Following are the personal information affected with the breach that includes names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth, credit scores, credit limits, balances, payment history, contact information, and self-reported income.

The leaked data includes 140,000 Social Security numbers and 80,000 linked bank account numbers, according to the company statement “no credit card account numbers or log-in credentials were compromised and over 99 percent of Social Security numbers were not compromised.”

- Advertisement - Google News

Unauthorized Access

Capital One reads the unauthorized access first on July 19, 2019, “unauthorized access by an outside individual who obtained certain types of personal information” of customers who applied for credit cards Capital One.

The affected data also includes fragments of transaction data “from a total of 23 days during 2016, 2017 and 2018”, the company expects this hack could cost “approximately $100 to $150 million in 2019″.”

“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman, and CEO. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

The major part of the leaked information includes information on consumers and small businesses as who applied for credit cards between 2005 through early 2019.

Capital One Hacked – Tech Worker Arrested

As soon they aware of the intrusion they immediately fixed the vulnerability and started working with FBI, the FBI has arrested the tech worker associated with the breach.

According to court records, a woman Paige A. Thompson a/k/a erratic, 33, posted on GitHub about her theft of information form Capital One server, the intrusion occurs because of a misconfigured web application firewall that enabled data access. She is detained and pending for hearing on August 1, 2019.

“Capital One quickly alerted law enforcement to the data theft — allowing the FBI to trace the intrusion,” said U.S. Attorney Moran. “I commend our law enforcement partners who are doing all they can to determine the status of the data and secure it.”

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked – Pwn2Own Day 2

Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering...

Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack

A serious security flaw affecting the Eventin plugin, a popular event management solution for...

Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication

A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign...

New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads

A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked – Pwn2Own Day 2

Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering...

Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack

A serious security flaw affecting the Eventin plugin, a popular event management solution for...

Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication

A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign...